CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-7610 – Apple Safari RenderObject Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7610
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. • http://www.securityfocus.com/bid/94907 http://www.securitytracker.com/id/1037459 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207421 https://support.apple.com/HT207422 https://support.apple.com/HT207424 https://support.apple.com/HT207427 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-7611 – Apple Safari HTMLLabelElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7611
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. • http://www.securityfocus.com/bid/94907 http://www.securitytracker.com/id/1037459 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207421 https://support.apple.com/HT207422 https://support.apple.com/HT207424 https://support.apple.com/HT207427 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7616 – Apple OS X IOKit Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-7616
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Disk Images" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "Disk Images". • http://www.securityfocus.com/bid/94905 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7634
https://notcve.org/view.php?id=CVE-2016-7634
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Accessibility" component, which accepts spoken passwords without considering that they are locally audible. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Accessibility", que acepta contraseñas habladas sin considerar que son localmente audibles. • http://www.securityfocus.com/bid/94850 http://www.securitytracker.com/id/1037429 https://support.apple.com/HT207422 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7651
https://notcve.org/view.php?id=CVE-2016-7651
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3.1.1 is affected. The issue involves the "Accounts" component, which allows local users to bypass intended authorization restrictions by leveraging the mishandling of an app uninstall. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. watchOS en versiones anteriores a 3.1.1 está afectado. El problema involucra al componente "Accounts", que permite a usuarios locales eludir las restricciones destinadas a autorización aprovechando el manejo incorrecto de una app de desinstalación. • http://www.securityfocus.com/bid/94851 http://www.securitytracker.com/id/1037429 https://lists.apple.com/archives/security-announce/2016/Dec/msg00001.html https://support.apple.com/HT207422 https://support.apple.com/HT207487 • CWE-285: Improper Authorization •