APPLE-SA-2015-03-09-1 iOS 8.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-09-1 iOS 8.2 iOS 8.2 is now available and addresses the following: CoreTelephony Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A remote attacker can cause a device to unexpectedly...

APPLE-SA-2015-03-09-3 Security Update 2015-002

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-09-3 Security Update 2015-002 Security Update 2015-002 is now available and addresses the following: iCloud Keychain Available for: OS X Yosemite v10.10.2 Impact: An attacker with a privileged network position may be able to execute...

CVE-2015-1065

Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery...

Buffer overflow

Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery...

CVE-2015-1065

Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery...

CVE-2015-1065

CVE-2015-1065 affects iCloud Keychain handling in Apple iOS before 8.2 and OS X up to 10.10.2. Multiple buffer overflows in the data handling during keychain recovery allow a man‑in‑the‑middle attacker to execute arbitrary code by modifying the client–server data stream. Apple Security Update 201...

Apple iOS iCloud Keychain Buffer Overflow Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a buffer overflow in processing data during iCloud Keychain recovery processing, which allows users who can conduct man-in-the-middle attacks to execute arbitrary code...

Apple Fixes FREAK Bug, iCloud Flaw in iOS 8.2

Apple has patched the FREAK SSL vulnerability, along with a nasty bug that could’ve allowed a remote attacker to restart a user’s iPhone via SMS, with the release of iOS 8.2. The new version of Apple’s mobile operating system contains a number of vulnerability fixes, with the FREAK patch being th...

Mac OS X Multiple Vulnerabilities (Security Update 2015-002)

The remote host is running a version of Mac OS X 10.8, 10.9, or 10.10 that does not have Security Update 2015-002 applied. This update contains several security-related fixes for the following components : - iCloud Keychain - IOAcceleratorFamily - IOSurface - machportkobject kernel interface -...

CVE-2014-8831

securitytaskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a 1 self-signed certificate or 2 Developer ID certificate...

Code injection

securitytaskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a 1 self-signed certificate or 2 Developer ID certificate...

CVE-2014-8831

securitytaskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a 1 self-signed certificate or 2 Developer ID certificate...

CVE-2014-8831

CVE-2014-8831 affects Apple OS X prior to 10.10.2. The issue in security_taskgate allows reading group-ACL–restricted keychain items of arbitrary apps when a crafted app signs with a self-signed certificate or a Developer ID certificate. Impact is partial confidentiality. The vulnerability is add...

Apple MAC OS X Yosemite Access Control Vulnerability

Apple MAC OS X Yosemite is the latest operating system developed by Apple. An access control vulnerability exists in Apple MAC OS X Yosemite Keychain, which allows remote attackers to exploit the vulnerability to obtain sensitive information...

Input validation

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input...

CVE-2014-1380

CVE-2014-1380 concerns the Security - Keychain component in Apple OS X prior to 10.9.4. The root issue is improper keystroke observer handling, which can permit physically proximate attackers to bypass the screen lock and type into a window under the lock screen via keyboard input. The impact des...

Mac OS X 10.9.x < 10.9.4 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.9.x that is prior to 10.9.4. This update contains several security-related fixes for the following components : - Certificate Trust Policy - copyfile - curl - Dock - Graphics Driver - iBooks Commerce - Intel Graphics Driver - Intel Compute -...

Volafox - Mac OS X & BSD Memory Analysis Toolkit

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system. Security analyst can have the following information using this...

Apple Updates iOS Security Guide

Apple rarely offers anyone a glimpse inside its walled-off security garden. The last time it did was in the spring of 2012 when it released a detailed paper on the security of its iOS operating system for iPhones and iPads. The company also presented a much-anticipated if not anticlimactic...

[Pac4Mac] Forensics Framework for Mac OS X

Pac4Mac Plug And Check for Mac OS X is a portable Forensics framework to launch from USB storage allowing extraction and analysis session informations in highlighting the real risks in term of information leak history, passwords, technical secrets, business secrets, .... Pac4Mac can be used to...