298 matches found
Memory corruption
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist...
Integer overflow
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls...
CVE-2015-3776
CVE-2015-3776 is an IOKit plist memory-corruption vulnerability in Apple iOS < 8.4.1 and OS X
CVE-2015-3776
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist...
Apple iOS < 8.4.1 Multiple Vulnerabilities
Binary data appleios841check.nbin...
CVE-2015-1086
Apple iOS vulnerability CVE-2015-1086 affects the Audio Drivers subsystem due to improper validation of IOKit object metadata, allowing a crafted app to execute arbitrary code with system privileges. Affected products include iOS prior to 8.3 and Apple TV prior to 7.2. Root cause: metadata valida...
Apple TV < 7.2 Multiple Vulnerabilities
According to its banner, the remote Apple TV device is a version prior to 7.2. It is, therefore, affected by the following vulnerabilities: - Multiple memory corruption vulnerabilities exist in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted...
Apple OS X IOKit IOHIDSecurePromptClient Heap Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IOKit IOHIDSecurePromptClien...
Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)
The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components: - bash - Bluetooth - CFNetwork Cache - CommerceKit Framework - CoreGraphics - CoreSymbolication - CPU Software - FontParser...
Google reveals 3 Apple OS X Zero-day Vulnerabilities
After exposing three critical zero-day vulnerabilities in Microsoft's Windows operating systems, Google's Project Zero vulnerability research program has revealed the existence of three more zero-day vulnerabilities, but this time, on Apple's OS X platform. The team has published three zero-day...
OS X 10.9.5 IOKit IntelAccelerator NULL Pointer Dereference
// clang -o ig23exploit ig23exploit.c -framework IOKit -framework CoreFoundation -m32 -DFORTIFYSOURCE=0 // ianbeer include include include include include include include include uint64t kernelsymbolchar sym char cmd1024; strcpycmd, "nm -g /machkernel | grep "; strcatcmd, sym; strcatcmd, " | cut...
OS X 10.10 IOKit IntelAccelerator NULL Pointer Dereference
include include include include include int main kernreturnt err; CFMutableDictionaryRef matching = IOServiceMatching"IntelAccelerator"; if!matching printf"unable to create service matching dictionary\n"; return 0; ioiteratort iterator; err = IOServiceGetMatchingServiceskIOMasterPortDefault,...
Apple Mac OSX 10.10 - IOKit IntelAccelerator Null Pointer Dereference
Apple Mac OSX 10.10 - IOKit IntelAccelerator Null Pointer Dereference include include include include include int main kernreturnt err; CFMutableDictionaryRef matching = IOServiceMatching"IntelAccelerator"; if!matching printf"unable to create service matching dictionary\n"; return 0; ioiteratort...
OS X 10.9.5 IOKit IntelAccelerator NULL Pointer Dereference
Exploit for iOS platform in category local exploits // clang -o ig23exploit ig23exploit.c -framework IOKit -framework CoreFoundation -m32 -DFORTIFYSOURCE=0 // ianbeer include include include include include include include include uint64t kernelsymbolchar sym char cmd1024; strcpycmd, "nm -g...
OS X 10.10 IOKit IntelAccelerator NULL Pointer Dereference Exploit
Exploit for macOS platform in category dos / poc include include include include include int main kernreturnt err; CFMutableDictionaryRef matching = IOServiceMatching"IntelAccelerator"; if!matching printf"unable to create service matching dictionary\n"; return 0; ioiteratort iterator; err =...
Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference
Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference // clang -o ig23exploit ig23exploit.c -framework IOKit -framework CoreFoundation -m32 -DFORTIFYSOURCE=0 // ianbeer include include include include include include include include uint64t kernelsymbolchar sym char cmd1024;...
Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference
// clang -o ig23exploit ig23exploit.c -framework IOKit -framework CoreFoundation -m32 -DFORTIFYSOURCE=0 // ianbeer include include include include include include include include uint64t kernelsymbolchar sym char cmd1024; strcpycmd, "nm -g /machkernel | grep "; strcatcmd, sym; strcatcmd, " | cut...
Apple Mac OSX 10.10 - IOKit IntelAccelerator Null Pointer Dereference
include include include include include int main kernreturnt err; CFMutableDictionaryRef matching = IOServiceMatching"IntelAccelerator"; if!matching printf"unable to create service matching dictionary\n"; return 0; ioiteratort iterator; err = IOServiceGetMatchingServiceskIOMasterPortDefault,...
Apple Mac OSX 10.10 - BlueTooth TransferACLPacketToHW Crash (PoC)
/ crash-issue3.c: Written for Mac OS X Yosemite 10.10 by @rpaleari and @joystick. Exploits a missing check in IOBluetoothHCIController::TransferACLPacketToHW to trigger a panic. gcc -Wall -o crash-issue3,.c -framework IOKit / include include include include include include struct BluetoothCall...
Apple Mac OSX 10.10 - BlueTooth BlueToothHCIChangeLocalName Crash (PoC)
Apple Mac OSX 10.10 - BlueTooth BlueToothHCIChangeLocalName Crash PoC / crash-issue2.c: Written for Mac OS X Yosemite 10.10 by @rpaleari and @joystick. Triggers a panic overwriting a stackcanary. gcc -Wall -o crash-issue2,.c -framework IOKit / include include include include include include struc...