CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1800
https://notcve.org/view.php?id=CVE-2016-1800
Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. Captive Network Assistant en Apple OS X en versiones anteriores a 10.11.5 no maneja correctamente un esquema de URL personalizado, lo que permite a atacantes remotos asistidos por un usuario ejecutar código arbitrario a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1806 – Apple OS X SubmitDiagInfo Arbitrary Directory Creation Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1806
Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app. Crash Reporter en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the com.apple.SubmitDiagInfo service. The issue lies in the failure to validate a user-supplied path prior to creating a directory. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 http://www.zerodayinitiative.com/advisories/ZDI-16-346 https://support.apple.com/HT206567 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1809
https://notcve.org/view.php?id=CVE-2016-1809
Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors. Disk Utility en Apple OS X en versiones anteriores a 10.11.5 utiliza claves de cifrado incorrectas para las imágenes de disco, lo que tiene un impacto y vectores de ataque no especificados. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1842
https://notcve.org/view.php?id=CVE-2016-1842
MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. MapKit en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5 y watchOS en versiones anteriores a 2.2.1 no utiliza HTTPS para los enlaces compartidos, lo que permite a atacantes remotos obtener información sensible husmeando la red en busca de tráfico HTTP. • http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securitytracker.com/id/1035890 https://support.apple.com/HT206566 https://support.apple.com/HT206567 https://support.apple.com/HT206568 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0CVE-2016-1835 – libxml2: Heap use-after-free in xmlSAX2AttributeNs
https://notcve.org/view.php?id=CVE-2016-1835
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document. Vulnerabilidad de uso después de liberación de memoria en la función xmlSAX2AttributeNs en libxml2 en versiones anteriores a 2.9.4, como se utiliza en Apple iOS en versiones anteriores a 9.3.2 y OS X en versiones anteriores a 10.11.5, permite a atacantes remotos provocar una denegación de servicio a través de un documento XML manipulado. • http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •