About the security content of iCloud for Windows 7.19 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

ImageIO component buffer overflow vulnerability in multiple Apple products (CNVD-2020-34935)

Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple macOS Catalina is a specialized operating system developed for Mac computers. imageIO is one of the components that reads and writes image data. ImageIO is a component that reads...

About the security content of iTunes 12.10.7 for Windows - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

About the security content of iCloud for Windows 11.2

About the security content of iCloud for Windows 11.2 This document describes the security content of iCloud for Windows 11.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

About the security content of iCloud for Windows 7.19

About the security content of iCloud for Windows 7.19 This document describes the security content of iCloud for Windows 7.19. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

KLA11790 Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, execute arbitrary code, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. A logic vulnerability in...

About the security content of iTunes 12.10.7 for Windows

About the security content of iTunes 12.10.7 for Windows This document describes the security content of iTunes 12.10.7 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

KLA11791 Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. A logic vulnerability in...

Fuzzing ImageIO

Posted by Samuel Groß, Project Zero This blog post discusses an old type of issue, vulnerabilities in image format parsers, in a newer context: on interactionless code paths in popular messenger apps. This research was focused on the Apple ecosystem and the image parsing API provided by it: the...

About the security content of iCloud for Windows 10.9.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

macOS/iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image

The attached tiff image causes a crash in ImageIO on the latest macOS and iOS. To reproduce the issue, the attached code tester.m can be used. I've attached another code snippet to reproduce the issue on iOS as well. With tester.m compiled with ASAN, processing the attached tiff image should cras...

macOS / iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image Exploit

The attached tiff image causes a crash in ImageIO on the latest macOS and iOS. To reproduce the issue, the attached code tester.m can be used. I've attached another code snippet to reproduce the issue on iOS as well. With tester.m compiled with ASAN, processing the attached tiff image should cras...

macOSiOS ImageIO - Heap Corruption when Processing Malformed TIFF Image

macOSiOS ImageIO - Heap Corruption when Processing Malformed TIFF Image The attached tiff image causes a crash in ImageIO on the latest macOS and iOS. To reproduce the issue, the attached code tester.m can be used. I've attached another code snippet to reproduce the issue on iOS as well. With...

About the security content of iOS 13.3.1 and iPadOS 13.3.1

About the security content of iOS 13.3.1 and iPadOS 13.3.1 This document describes the security content of iOS 13.3.1 and iPadOS 13.3.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

About the security content of iCloud for Windows 7.17

About the security content of iCloud for Windows 7.17 This document describes the security content of iCloud for Windows 7.17. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

KLA11651 Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, perform cross-site scripting attack, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Multiple memory corruption...

KLA11650 Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, perform cross-site scripting attack, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Multiple memory corruption...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1207)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1208)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...