CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2016-1813 – Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource
https://notcve.org/view.php?id=CVE-2016-1813
The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. El método IOAccelSharedUserClient2::page_off_resource en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (referencia a puntero NULL) a través de una app manipulada. • https://www.exploit-db.com/exploits/39924 http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://packetstormsecurity.com/files/137400/OS-X-IOAccelSharedUserClient2-page_off_resource-NULL-Pointer-Dereference.html http://www.securityfocus.com/bid/90694 http:// • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2016-1819 – Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
https://notcve.org/view.php?id=CVE-2016-1819
Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1818. Vulnerabilidad de uso después de liberación de memoria en el método IOAccelContext2::clientMemoryForType en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada, una vulnerabilidad diferente a CVE-2016-1817 y CVE-2016-1818. The OS X kernel suffers from a use-after-free vulnerability due to bad locking in IOAcceleratorFamily2. • https://www.exploit-db.com/exploits/39928 http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://packetstormsecurity.com/files/137396/OS-X-Kernel-Use-After-Free-From-IOAcceleratorFamily2-Bad-Locking.html http://www.securityfocus.com/bid/90694 http://www • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2016-1823 – Apple Mac OSX Kernel - Out-of-Bounds Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
https://notcve.org/view.php?id=CVE-2016-1823
The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824. La función IOHIDDevice::handleReportWithTime en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (lectura fuera de rango y corrupción de memoria) a través de una enumeración IOHIDReportType manipulada, lo que desencadena una proyección incorrecta, una vulnerabilidad diferente a CVE-2016-1824. • https://www.exploit-db.com/exploits/39927 http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html http://www.securityfocus.com/bid/90698 http://www.securitytracker.com& • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1CVE-2016-1840 – libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup
https://notcve.org/view.php?id=CVE-2016-1840
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. Desbordamiento del buffer basado en memoria dinámica en la función xmlFAParsePosCharGroup en libxml2 en versiones anteriores a 2.9.4, como se utiliza en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1, permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un documento XML manipulado. • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1847
https://notcve.org/view.php?id=CVE-2016-1847
OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. OpenGL, como se utiliza en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90691 http://www.securitytracker.com/id/1035890 https://support.apple.com/HT206564 https://support.apple.com/HT206566 https://support.apple.com/HT206567 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •