![]() Impact: Processing a maliciously crafted webpage may result in the mounting of a disk imageĭescription: A logic issue was addressed with improved restrictions.ĬVE-2017-13890: Apple, Theodor Ragnar Gislason of Syndis Impact: Processing a maliciously crafted font file may lead to arbitrary code executionĭescription: A memory consumption issue was addressed with improved memory handling.ĬVE-2017-13825: Australian Cyber Security Centre – Australian Signals DirectorateĮntry added October 31, 2017, updated November 16, 2018 ![]() Impact: An application may be able to read restricted memoryĬVE-2017-13821: Australian Cyber Security Centre – Australian Signals Directorateĭescription: An out-of-bounds read was addressed by updating to Opus version 1.1.4.ĬVE-2017-0381: V.E.O of Mobile Threat Research Team, Trend Micro Impact: An attacker in a privileged network position may be able to cause a denial of serviceĬVE-2017-7083: Abhinav Bansal of Zscaler Inc. Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2017-13829: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day InitiativeĬVE-2017-13833: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day Initiative This issue was addressed with improved visibility of the captive portal browser security state.ĬVE-2017-7143: Matthew Green of Johns Hopkins University Impact: A local user may unknowingly send a password unencrypted over the networkĭescription: The security state of the captive portal browser was not obvious. ![]() Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code executionĭescription: A memory consumption issue was addressed through improved memory handling.ĬVE-2017-13807: Yangkang of Qihoo 360 Qex Team Impact: Processing a maliciously crafted font may result in the disclosure of process memoryĭescription: A memory corruption issue was addressed with improved input validation. Impact: An application may be able to cause a denial of serviceĭescription: Multiple denial of service issues were addressed through improved memory handling.ĬVE-2017-7074: Daniel Jalkut of Red Sweater Software This issue was addressed through improved handling of firewall settings during upgrades.Īvailable for: OS X Mountain Lion 10.8 and later Impact: A previously denied application firewall setting may take effect after upgradingĭescription: An upgrade issue existed in the handling of firewall settings. Impact: Decompiling an AppleScript with osadecompile may lead to arbitrary code executionĭescription: A validation issue was addressed with improved input sanitization. This issue was addressed by placing the tokens in Keychain. ![]() Impact: A local attacker may gain access to iCloud authentication tokensĭescription: An issue existed in the storage of sensitive tokens. These were addressed by updating Apache to version 2.4.25.Įntry added October 31, 2017, updated December 14, 2018 Impact: An attacker may be able to exploit weaknesses in TLS 1.0ĭescription: A protocol security issue was addressed by enabling TLS 1.1 and TLS 1.2.ĬVE-2017-13832: Doug Wussler of Florida State UniversityĮntry added October 31, 2017, updated November 10, 2017ĭescription: Multiple issues existed in Apache. Available for: OS X Mountain Lion 10.8 and later
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |