Page 329 of 2413 results (0.011 seconds)

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app. Las APIs de extensiónTen el kernel en Apple iOS anterior a 8.1.3, Apple OS X anterior a 10.10.2, y Apple TV anterior a 7.0.3 no previene la presencia de direcciones dentro de una clave OSBundleMachOHeaders en una respuesta, lo que facilita a atacantes evadir el mecanismo de protección ASLR a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://www.securitytracker.com/id/1031650 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app. IOAcceleratorFamily en Apple iOS anterior a 8.1.3, Apple OS X anterior a 10.10.2, y Apple TV anterior a 7.0.3 no maneja correctamente las listas de recursos y los tipos de cliente usuario de IOService, lo que permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (referencia a puntero nulo) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://support.apple.com/HT204245 http://support.apple.com/HT204246 •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app. Desbordamiento de buffer en IOHIDFamily en Apple iOS anterior a 8.1.3, Apple OS X anterior a 10.10.2, y Apple TV anterior a 7.0.3 permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://www.securitytracker.com/id/1031650 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0

IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly validate resource-queue metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app. IOHIDFamily en Apple iOS anterior a 8.1.3, Apple OS X anterior a 10.10.2, y Apple TV anterior a 7.0.3 no valida correctamente los metadatos de la cola de recursos, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://www.securitytracker.com/id/1031650 • CWE-19: Data Processing Errors •

CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0

IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly initialize event queues, which allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. IOHIDFamily en Apple iOS anterior a 8.1.3, Apple OS X anterior a 10.10.2, y Apple TV anterior a 7.0.3 no inicializa correctamente las colas de eventos, lo que permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (referencia a puntero nulo) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://www.securitytracker.com/id/1031650 •