Code injection

The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library...

CVE-2015-3715

The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library...

CVE-2015-3715

The CVE-2015-3715 entry describes a code-signing bypass in Apple OS X before 10.10.4, where libraries loaded outside an application bundle are not properly vetted, allowing bypass of launch restrictions. Affected product: macOS OS X prior to 10.10.4. Root cause: code-signing checks do not verify ...

Apple MAC OS X Code Signing Check Bypass Vulnerability

Apple Mac OS X is a commercial operating system. Apple Mac OS X code signing fails to verify libraries loaded outside of the application bundle, allowing attackers to exploit vulnerabilities to run malicious applications and bypass code signing...

Bypassing OSX Security Tools is Trivial, Researcher Says

SAN FRANCISCO–For years, Apple has enjoyed a pretty good reputation among users for the security of its products. That halo has been enhanced by the addition of new security features such as Gatekeeper and XProtect to OS X recently, but one researcher said that all of those protections are simple...

CVE-2015-1146

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145...

CVE-2015-1145

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146...

Code injection

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146...

Code injection

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145...

CVE-2015-1146

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145...

CVE-2015-1146

The CVE-2015-1146 entry concerns Apple OS X before 10.10.3 where the Code Signing implementation does not properly validate signatures, enabling a local attacker to bypass access restrictions via a crafted bundle. Impact is local privilege escalation through signature bypass. The connected NVD en...

CVE-2015-1145

The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146...

CVE-2015-1145

CVE-2015-1145 affects Apple OS X before 10.10.3. The vulnerability lies in the Code Signing implementation, which does not properly validate signatures, allowing a local user to bypass intended access restrictions via a crafted bundle. This is a local-privilege-impact scenario described in the co...

Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)

The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.3. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - Apache - ATS - Certificate Trust Policy - CFNetwork HTTPProtocol - CFNetwork Session - CFURL - CoreAnimation -...

Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)

The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-004. It is, therefore, affected multiple vulnerabilities in the following components : - Apache - ATS - Certificate Trust Policy - CoreAnimation - FontParser - Graphics Driver - ImageIO -...

Apple TV < 7.0.2 Multiple Vulnerabilities

Binary data 8939.prm...

MS KB3033929: Availability of SHA-2 Code Signing Support for Windows 7 and Windows Server 2008 R2

The remote host is missing Microsoft KB3033929, an update that improves cryptography and digital certificate handling in Windows 7 and Windows Server 2008 R2. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid81731; scriptversion"1.3"; scriptcvsdate"Date: 2018/11/15...

Apple iOS 8.x < 8.1.1 Multiple Vulnerabilities.

Binary data 8940.prm...

CVE-2014-4455

dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file...

Code injection

dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file...