CVE-2016-1745
https://notcve.org/view.php?id=CVE-2016-1745
IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. IOFireWireFamily in Apple OS X en versiones anteriores a 10.11.4 permite a usuarios locales causar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://www.securitytracker.com/id/1035363 https://support.apple.com/HT206167 •
CVE-2016-1759
https://notcve.org/view.php?id=CVE-2016-1759
The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El kernel en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://www.securitytracker.com/id/1035363 https://support.apple.com/HT206167 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-1764
https://notcve.org/view.php?id=CVE-2016-1764
The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL. La implementación de Content Security Policy (CSP) en Mensajes en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos obtener información sensibles a través de una URL javascript:. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://www.securitytracker.com/id/1035363 https://support.apple.com/HT206167 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-1743 – Apple Intel HD 3000 Graphics Driver 10.0.0 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-1743
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744. El controlador Intel en el subsistema Graphics Drivers en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada, una vulnerabilidad diferente a CVE-2016-1744. Apple Intel HD 3000 graphics driver version 10.0.0 suffers from a local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/39675 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://www.securitytracker.com/id/1035363 https://support.apple.com/HT206167 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-1770
https://notcve.org/view.php?id=CVE-2016-1770
The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL. El componente Reminders en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes eludir un requisito destinado a la confirmación de usuario y desencadenar una acción de llamada a través de una URL tel:. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://www.securitytracker.com/id/1035363 https://support.apple.com/HT206167 • CWE-284: Improper Access Control •