CVE-2015-5915

Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors...

CVE-2015-5854

CVE-2015-5854 : Time Machine backup functionality in Apple OS X prior to 10.11 can allow local users to obtain access to keychain items via unspecified vectors. According to the sources, the vulnerability is associated with OS X Time Machine backups and is addressed by OS X 10.11 El Capitan. Reme...

APPLE-SA-2015-09-30-3 OS X El Capitan 10.11

APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 OS X El Capitan 10.11 is now available and addresses the following: Address Book Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to inject arbitrary code to processes loading the Address Book framework Description: An issu...

Apple OS X keychain lock state tracking vulnerability

Apple OS X is an operating system developed by Apple Inc. Apple OS X keychain lock state has a state management issue that fails to properly restrict it to the user. An attacker can exploit the vulnerability to obtain keychain lock state information...

Apple OS X Time Machine Architecture Backup Vulnerability

Apple OS X is an operating system developed by Apple Inc. Apple OS X has a problem with backups through the time machine architecture, allowing local attackers to exploit vulnerabilities to obtain keychain item information...

Apple OS X keychain information disclosure vulnerability

Apple OS X is an operating system developed by Apple Inc. A security vulnerability in the Apple OS X iCloud keychain item checksum access control list allows an attacker to exploit the vulnerability to access a targeted user's keychain item...

Apple Patches 100+ Vulnerabilities in OS X, Safari, iOS

UPDATE Apple pushed out its latest operating system, El Capitan, yesterday, and while it boasts many security fixes, the update fails to address the outstanding vulnerability in Gatekeeper that came to light this week. The issue with Gatekeeper, as described yesterday by Patrick Wardle, the...

Apple iOS keychain information disclosure vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A vulnerability exists in Apple iOS keychain removal that allows an attacker to exploit a vulnerability to obtain Apple ID verification credentials after logging out of the iTunes Store...

CVE-2015-5832

The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate attackers to obtain sensitive information via unspecified vectors...

CVE-2015-5832

The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate attackers to obtain sensitive information via unspecified vectors...

CVE-2015-5832

CVE-2015-5832 affects the iTunes Store component in Apple iOS prior to 9.0, where AppleID credentials may persist in the keychain after signout due to incomplete deletion. This is a local issue that could enable a physically proximate attacker to access sensitive information via unspecified vecto...

Advertising software use the Apple OS X system vulnerabilities to steal data-vulnerability warning-the black bar safety net

! Malwarebytes security researchers found an advertisement software installation program is accessing MAC OS X's password management system Keychain to. In July, researchers have identified the Mac OS X operating system of a local elevation of Privilege（LPF）vulnerabilities. Experts have found tha...

Critical OS X Flaw Grants Mac Keychain Access to Malware

Back in July, a security researcher disclosed a zero-day vulnerability in Mac OS X that allowed attackers to obtain unrestricted root user privileges with the help of code that even fits in a tweet. The same vulnerability has now been upgraded to again infect Mac OS X machines even after Apple...

OSX Keychain - EXC_BAD_ACCESS Denial of Service Vulnerability

Exploit for macOS platform in category dos / poc Exploit Title: OSX Keychain - EXCBADACCESS Date: 22/07/2015 Exploit Author: Juan Sacco Vendor Homepage: https://www.apple.com Software Link: https://www.apple.com/en/downloads/ Version: 9.0 55161 Tested on: OSX Yosemite 10.10.4 CVE : None History -...

Apple Mac OSX Keychain - EXC_BAD_ACCESS Denial of Service

Apple Mac OSX Keychain - EXCBADACCESS Denial of Service Exploit Title: OSX Keychain - EXCBADACCESS Date: 22/07/2015 Exploit Author: Juan Sacco Vendor Homepage: https://www.apple.com Software Link: https://www.apple.com/en/downloads/ Version: 9.0 55161 Tested on: OSX Yosemite 10.10.4 CVE : None...

Apple Mac OSX Keychain - EXC_BAD_ACCESS Denial of Service

Exploit Title: OSX Keychain - EXCBADACCESS Date: 22/07/2015 Exploit Author: Juan Sacco Vendor Homepage: https://www.apple.com Software Link: https://www.apple.com/en/downloads/ Version: 9.0 55161 Tested on: OSX Yosemite 10.10.4 CVE : None History - Reported to [email protected] 20 Jul 20...

OS X Keychain EXC_BAD_ACCESS Denial Of Service

Exploit Title: OSX Keychain - EXCBADACCESS Date: 22/07/2015 Exploit Author: Juan Sacco Vendor Homepage: https://www.apple.com Software Link: https://www.apple.com/en/downloads/ Version: 9.0 55161 Tested on: OSX Yosemite 10.10.4 CVE : None History - Reported to [email protected] 20 Jul 20...

Facebook Helps Combat Apple XARA Vulnerabilities With Osquery

Apple may still be in the process of patching XARA, the series of weaknesses that surfaced in its authentication infrastructure last week, but Facebook has stepped up and made it easier for organizations to detect whether their system is being exploited by the vulnerabilities. Engineers with the...

Multiple Vulnerabilities in Apple OS X Keychain/WebSocket/Sandbox ACLs

Apple Mac OS X is an operating system for Apple devices. Multiple vulnerabilities exist in the Apple OS X Keychain/WebSocket/Sandbox ACL. 1 A remote user can create an application that, when installed by the target user, can access the target application's keychain entries, delete the keychain...

Zero-Day Exploits for Stealing OS X and iOS Passwords

I think you'll agree with me when I say: Apple devices are often considered to be more safe and secure than other devices that run on platforms like Windows and Android, but a recent study will make you think twice before making this statement. A group of security researchers have uncovered...