CVE-2016-0801 – Google Android Broadcom Wi-Fi Driver - Memory Corruption
https://notcve.org/view.php?id=CVE-2016-0801
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029. El controlador Broadcom Wi-Fi en el kernel en Android 4.x en versiones anteriores a 4.4.4, 5.x en versiones anteriores a 5.1.1 LMY49G y 6.x en versiones anteriores a 2016-02-01 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un paquete de mensajes de control inalámbricos manipulado, también conocido como error interno 25662029. • https://www.exploit-db.com/exploits/39801 https://github.com/abdsec/CVE-2016-0801 https://github.com/zsaurus/CVE-2016-0801-test http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://source.android.com/security/bulletin/2016-02-01.html http • CWE-20: Improper Input Validation •
CVE-2016-1729
https://notcve.org/view.php?id=CVE-2016-1729
Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application. Vulnerabilidad en la búsqueda de ruta no confiable en OSA Scripts en Apple OS X en versiones anteriores a 10.11.3 permite a atacantes cargar librerías de secuencias de comandos arbitrarias a través de una aplicación en cuarentena. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html http://www.securitytracker.com/id/1034736 https://support.apple.com/HT205731 •
CVE-2016-1718 – Apple OS X IOAcceleratorFamily2 Out-Of-Bounds Indexing Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1718
The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. La interfaz IOAcceleratorFamily2 en IOAcceleratorFamily en Apple OS X en versiones anteriores a 10.11.3 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. This vulnerability allows local attackers to elevate privileges on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the IOAcceleratorFamily2 interface. The issue lies in the failure to properly test a user-supplied index to ensure it is within the bounds of an array. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html http://www.securitytracker.com/id/1034736 http://zerodayinitiative.com/advisories/ZDI-16-020 https://support.apple.com/HT205731 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-1716
https://notcve.org/view.php?id=CVE-2016-1716
AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. AppleGraphicsPowerManagement en Apple OS X en versiones anteriores a 10.11.3 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html http://www.securitytracker.com/id/1034736 https://support.apple.com/HT205731 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-1717
https://notcve.org/view.php?id=CVE-2016-1717
The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. El componente Disk Images en Apple iOS en versiones anteriores a 9.2.1, OS X en versiones anteriores a 10.11.3 y tvOS en versiones anteriores a 9.1.1 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://www.securitytracker.com/id/1034736 https://support.apple.com/HT205729 https://support.apple.com/HT205731 https://support.apple.com/HT205732 https://support.apple.com/HT206168 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •