18 matches found
EUVD-2015-1278
Malware in sbrugna...
EUVD-2015-1281
Malware in sbrugna...
VulnCheck KEV: CVE-2015-1130
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges...
Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow
Source: https://code.google.com/p/google-security-research/issues/detail?id=467 There is a heap overflow in daeElement::setElementName. The vulnerable method uses a fixed size 128 bytes heap-allocated buffer to copy the name of an arbitrary element. By setting the name of the element to something...
Immunity Canvas: OSX_DYLD_PRINT_TO_FILE
Name| osxdyldprinttofile ---|--- CVE| CVE-2015-3760 Exploit Pack| CANVAS Description| OS X DYLDPRINTTOFILE local privilege escalation Notes| Repeatability: Multiple Times Notes: Tested on: - 10.10.3 VENDOR: Apple CVE Url: https://vulners.com/cve/CVE-2015-3760 CVE Name: CVE-2015-3760...
Apple OS X Entitlements Rootpipe Privilege Escalation
This module exploits the rootpipe vulnerability and bypasses Apple's initial fix for the issue by injecting code into a process with the 'admin.writeconfig' entitlement. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
Apple Mac OSX 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)
!/usr/bin/php ?php Title : Safari 8.0.X / OS X Yosemite 10.10.3 Crash Proof Of Concept Product Website: https://www.apple.com/safari/ Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website : www.reza.es Twitter :...
Apple Mac OS X Multiple Vulnerabilities-01 (Apr 2015)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple OS X present in the system can enhance the root access API Backdoor-vulnerability warning-the black bar safety net
0x00 summary Apple OS X system Admin framework presence can elevate the root permissions of the API to the back door, and has been in existence for many years, at least from the 2 0 1 1 years. I was in 2 0 1 4 years 1 0 months to discover he can be used to have any user permissions elevated to ro...
CVE-2015-1141
The machvmread functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service system crash via unspecified vectors...
CVE-2015-1136
Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex...
Buffer overflow
Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors...
Design/Logic Flaw
fontd in Apple Type Services ATS in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135...
Design/Logic Flaw
fontd in Apple Type Services ATS in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135...
CVE-2015-1139
CVE-2015-1139 affects Apple OS X ImageIO prior to 10.10.3. A crafted SGI image can cause remote code execution or memory corruption, leading to arbitrary code or DoS. Affected: ImageIO component on macOS prior to 10.10.3. Root cause: memory corruption in SGI parsing. Remediation: update to macOS ...
CVE-2015-1105
CVE-2015-1105 affects Apple’s kernel TCP handling: the Urgent (out-of-band) data mechanism is not properly implemented in iOS before 8.3, OS X before 10.10.3, and Apple TV before 7.2. This results in a remote denial-of-service via crafted packets. The available description states the vulnerabilit...
Apple Yosemite 10.10.3 OS Security Patches
Apple on Wednesday released close to 80 security updates for OS X, including remote code execution vulnerabilities in a dozen components that were patched in Yosemite 10.10.3. The OS X update was released the same day as an extensive update in iOS 8.3 that patched three dozen code execution and...
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address the following: Admin Framework Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A process may gain...