Mac OS X 10.x < 10.12.4 Multiple Vulnerabilities

Binary data 700032.prm...

Apple macOS ImageIO JPEG Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JPEG...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the ImageIO component in the Mac OS X operating system arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure e.g., termination of the...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the ImageIO component in the Mac OS X operating system arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure termination of the application by using a...

The vulnerability of the Mac OS X and iOS operating systems allows a perpetrator to trigger a service failure or obtain confidential information from the process memory.

The vulnerability of the ImageIO component in the Mac OS X and iOS operating systems relates to the ability to read data beyond the specified buffer. Exploiting this vulnerability can allow an attacker to obtain confidential information from the process’s memory or cause a service failure data...

The vulnerability of the ImageIO component in the Mac OS X operating system allows a hacker to trigger a service failure or obtain confidential information.

The vulnerability of the ImageIO component in the Mac OS X operating system is related to a buffer overflow error in memory. Exploiting this vulnerability can allow an attacker to obtain confidential information or cause a service failure buffer overflow, application termination by using a...

OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)

It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory...

CVE-2016-7643

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of servi...

CVE-2016-7643

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of servi...

Out-of-bounds

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds memory access and application crash via a crafted SGI file...

Out-of-bounds

An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and application crash via a...

Out-of-bounds

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write and application crash via a crafted PDF file...

Out-of-bounds

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of servi...

CVE-2016-4683

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds memory access and application crash via a crafted SGI file...

CVE-2016-4671

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write and application crash via a crafted PDF file...

CVE-2016-4671

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write and application crash via a crafted PDF file...

CVE-2016-4682

An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and application crash via a...

CVE-2016-4683

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds memory access and application crash via a crafted SGI file...

CVE-2016-4682

An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and application crash via a...

CVE-2016-4671

CVE-2016-4671 affects ImageIO in macOS before 10.12.1. A crafted PDF file can trigger an out-of-bounds write, allowing remote code execution or a denial of service (application crash) when processed by ImageIO. The vulnerability is mitigated in macOS Sierra 10.12.1 via Security Update 2016-002/20...