CVE-2018-4478
https://notcve.org/view.php?id=CVE-2018-4478
A validation issue was addressed with improved logic. This issue is fixed in macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan. An attacker with physical access to a device may be able to elevate privileges. Se abordó un problema de comprobación con una lógica mejorada. Este problema es corregido en macOS High Sierra versión 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan. • https://support.apple.com/en-us/HT208849 • CWE-269: Improper Privilege Management •
CVE-2017-13909
https://notcve.org/view.php?id=CVE-2017-13909
An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens. Se presentó un problema en el almacenamiento de tokens confidenciales. • https://support.apple.com/en-us/HT208144 • CWE-922: Insecure Storage of Sensitive Information •
CVE-2017-13892
https://notcve.org/view.php?id=CVE-2017-13892
An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information. This issue is fixed in macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. Sharing contact information may lead to unexpected data sharing. Se presentó un problema en el manejo del uso Compartido de Contactos. • https://support.apple.com/en-us/HT208331 •
CVE-2017-13835
https://notcve.org/view.php?id=CVE-2017-13835
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13. An application may be able to execute arbitrary code with elevated privileges. Se abordó un problema de corrupción de memoria con un manejo de la memoria mejorada. Este problema es corregido en macOS High Sierra versión 10.13. • https://support.apple.com/en-us/HT208144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-13905
https://notcve.org/view.php?id=CVE-2017-13905
A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges. Se abordó una condición de carrera con una comprobación adicional. Este problema es corregido en tvOS versión 11.2, iOS versión 11.2, macOS High Sierra versión 10.13.2, Security Update 2017-002 Sierra y Security Update 2017-005 El Capitan, watchOS versión 4.2. • https://support.apple.com/en-us/HT208325 https://support.apple.com/en-us/HT208327 https://support.apple.com/en-us/HT208331 https://support.apple.com/en-us/HT208334 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •