This issue was addressed through additional bounds checking. Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code executionĭescription: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. Impact: A malicious application may be able to execute arbitrary code with kernel privilegesĬVE-2016-4633 : Marco Grassi of KeenLab TencentĬVE-2016-4626 : Stefan Esser of SektionEinsĭescription: A use-after-free was addressed through improved memory management.ĬVE-2016-4625 : Ian Beer of Google Project ZeroĬVE-2016-1863 : Ian Beer of Google Project ZeroĬVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan TeamĬVE-2016-1865 : Marco Grassi of KeenLab Tencent, CESG Impact: Processing a maliciously crafted image may lead to arbitrary code executionĬVE-2016-7705 : Craig Young of Tripwire VERT Impact: A remote attacker may be able to cause a denial of serviceĭescription: A memory consumption issue was addressed through improved memory handling.ĬVE-2016-4631 : Tyler Bohan of Cisco Talos (/vulnerability-reports) These issues were addressed through improved FaceTime display logic.ĭescription: A memory corruption issue was addressed through improved input validation.ĬVE-2016-4634 : Stefan Esser of SektionEinsĭescription: Multiple memory corruption issues were addressed through improved memory handling.ĬVE-2016-4629 : Tyler Bohan of Cisco Talos (/vulnerability-reports)ĬVE-2016-4630 : Tyler Bohan of Cisco Talos (/vulnerability-reports) Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminatedĭescription: User interface inconsistencies existed in the handling of relayed calls. This was addressed through improved input validation.ĬVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day InitiativeĪvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and laterĬVE-2016-4637 : Tyler Bohan of Cisco Talos (/vulnerability-reports) Impact: A local user may be able to elevate privilegesĭescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This issue was addressed through improved warnings.ĬVE-2016-4642 : Jerry Decime coordinated via CERT ![]() Impact: An application may unknowingly send a password unencrypted over the networkĭescription: Proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved response validation.ĬVE-2016-4643 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University Jerry Decime coordinated via CERT This issue was addressed by storing the authentication types with the credentials.ĬVE-2016-4644 : Jerry Decime coordinated via CERTĭescription: A validation issue existed in the parsing of 407 responses. Impact: An attacker in a privileged network position may be able to leak sensitive user informationĭescription: A downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed through improved restrictions.ĬVE-2016-4645 : Abhinav Bansal of Zscaler Inc.Īvailable for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user informationĭescription: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved bounds checking. Impact: A local attacker may be able to cause unexpected application termination or arbitrary code executionĭescription: An integer overflow existed in bspatch. Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user informationĭescription: An out-of-bounds read was addressed through improved bounds checking.ĬVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative Impact: A local user may be able to determine kernel memory layoutĭescription: An out-of-bounds read was addressed through improved input validation.ĬVE-2016-4648 : Juwei of Trend Micro Jack Tang and Moony Li of Trend Micro working with Trend Micro's Zero Day Initiative Impact: A local user may be able to execute arbitrary code with kernel privilegesĭescription: A memory corruption issue was addressed through improved memory handling. Impact: A local user may be able to cause a system denial of serviceĭescription: A null pointer dereference was addressed through improved input validation. These were addressed by updating PHP to version 5.5.36.Īvailable for: OS X El Capitan v10.11 and later ![]() Impact: A remote attacker may be able to execute arbitrary codeĭescription: Multiple issues existed in PHP versions prior to 5.5.36. Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |