55 matches found
Apple Mac OS X Multiple Vulnerabilities-01 (Dec 2015)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple OS X Keychain Entry Access Vulnerability
Apple OS X is an operating system developed by Apple Inc. Apple OS X has a security vulnerability that allows an attacker to exploit the vulnerability to access the target user's Keychain entries and obtain sensitive information...
CVE-2015-7045
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors...
Design/Logic Flaw
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors...
CVE-2015-7045
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors...
CVE-2015-7045
The CVE-2015-7045 entry describes a vulnerability in Keychain Access on Apple OS X before 10.11.2 and tvOS before 9.1, where Keychain Access interacts with Keychain Agent in a way that allows an attacker to spoof the Keychain Server via unspecified vectors. Affected software is Apple OS X prior t...
Mac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)
The remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2015-005 or 2015-008. It is, therefore, affected by multiple vulnerabilities in the following components : - apachemodphp - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression -...
Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities
The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apachemodphp - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedi...
iBackDoor: High-Risk Code Hits iOS Apps
Introduction FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display...
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 OS X El Capitan 10.11 is now available and addresses the following: Address Book Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to inject arbitrary code to processes loading the Address Book framework Description: An issu...
Apple Mac OSX Keychain - EXC_BAD_ACCESS Denial of Service
Exploit Title: OSX Keychain - EXCBADACCESS Date: 22/07/2015 Exploit Author: Juan Sacco Vendor Homepage: https://www.apple.com Software Link: https://www.apple.com/en/downloads/ Version: 9.0 55161 Tested on: OSX Yosemite 10.10.4 CVE : None History - Reported to [email protected] 20 Jul 20...
Multiple Vulnerabilities in Apple OS X Keychain/WebSocket/Sandbox ACLs
Apple Mac OS X is an operating system for Apple devices. Multiple vulnerabilities exist in the Apple OS X Keychain/WebSocket/Sandbox ACL. 1 A remote user can create an application that, when installed by the target user, can access the target application's keychain entries, delete the keychain...
Apple MAC OS X Yosemite Access Control Vulnerability
Apple MAC OS X Yosemite is the latest operating system developed by Apple. An access control vulnerability exists in Apple MAC OS X Yosemite Keychain, which allows remote attackers to exploit the vulnerability to obtain sensitive information...
Apple XCode 4.x 信息泄露漏洞
BUGTRAQ ID: 54679 CVE ID: CVE-2012-3698,CVE-2011-3389 Xcode是苹果机器上所使用的开发工具。 Apple Xcode 4.4之前版本在实现上存在安全漏洞,可被恶意用户利用泄露敏感信息,劫持用户会话,绕过某些安全限制。 1) SSL 3.0和TLS 1.0协议的实现中存在设计错误。 2) DR实现中的错误可允许App Store应用访问用Xcode构建的Helper工具中的密钥链项目。 0 Apple XCode 4.x 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2005-2739
CVE-2005-2739 affects Keychain Access on Mac OS X 10.4.2 and earlier, where a password may remain visible if a keychain times out during viewing. This could allow someone with physical access to see the password. The issue is addressed by Apple in the Mac OS X 10.4.3 update (and related 10.4.x pa...