713 matches found
Apple iOS Code Signature Bypass Vulnerability (CNVD-2015-05539)
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability exists in Apple iOS that allows a local attacker to execute unsigned code by exploiting a code signing flaw...
CVE-2015-3806
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file...
CVE-2015-3805
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802...
CVE-2015-3803
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file...
CVE-2015-3802
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805...
Design/Logic Flaw
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805...
Design/Logic Flaw
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802...
Design/Logic Flaw
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file...
Design/Logic Flaw
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file...
APPLE-SA-2015-08-13-3 iOS 8.4.1
APPLE-SA-2015-08-13-3 iOS 8.4.1 iOS 8.4.1 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem...
CVE-2015-3806
CVE-2015-3806 affects Apple iOS before 8.4.1 and OS X before 10.10.5. It describes a code-signing bypass where unsigned or tampered code could be appended to a crafted executable, enabling bypass of protection and potentially executing code. The Apple security content indicates this was addressed...
CVE-2015-3805
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802...
CVE-2015-3803
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file...
CVE-2015-3806
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file...
CVE-2015-3802
CVE-2015-3802 affects Apple iOS before 8.4.1 and OS X before 10.10.5, where a crafted Mach-O file could bypass the code-signing protection mechanism. The vulnerability is local (no user interaction required per CVSS data) and historically part of Apple’s TV/Apple ecosystem bundle of fixes. The co...
CVE-2015-3805
CVE-2015-3805 is a local code-signing bypass in Apple products where a crafted Mach‑O file could allow unsigned code execution. The initial description cites iOS < 8.4.1 and OS X
CVE-2015-3802
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805...
CVE-2015-3803
The CVE-2015-3803 entry concerns Apple iOS pre-8.4.1 and OS X pre-10.10.5, where a local user could bypass code-signing protections via a crafted multi-architecture Mach-O executable. The root cause is a validation issue in how Mach-O files were handled, allowing unsigned or improperly signed cod...
Apple iOS < 8.4.1 Multiple Vulnerabilities
Binary data appleios841check.nbin...
CVE-2015-3715
The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library...