EUVD-2009-2802

Malware in sbrugna...

The vulnerability of the Launch Services interface for operating systems such as MacOS, iOS, iPadOS, watchOS, and visionOS allows attackers to gain unauthorized access to protected information.

The vulnerability of the Launch Services interface for operating systems such as MacOS, iOS, iPadOS, watchOS, and visionOS is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability of the Launch Services interface for macOS operating systems allows attackers to circumvent security restrictions.

The vulnerability of the Launch Services interface for macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow a perpetrator to circumvent security restrictions...

PT-2025-5291 · Apple · Macos Sonoma +3

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.3 macOS Sequoia versions prior to 15.3 macOS Sonoma versions prior to 14.7.3 Description: An access issue was addressed with additional sandbox restrictions. This issue allows an app to bypass Privacy...

PT-2025-5292 · Apple · Ipados +5

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.4 visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 Description: This issue is related to insufficient...

The vulnerability of the Launch Services interface for macOS operating systems allows attackers to bypass the sandbox protection mechanism.

The vulnerability of the Launch Services interface for MacOS systems is related to synchronization errors when using a shared resource “Race Condition”. Exploiting this vulnerability can allow an attacker to bypass the sandbox’s security mechanisms...

PT-2024-10231

Name of the Vulnerable Software and Affected Versions MacOS affected versions not specified Description The issue is related to a synchronization error in the Launch Services interface of MacOS operating systems, which is a "race condition" scenario. This could allow an attacker to bypass the...

Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices

Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. "An attacker could take advantage of this sandbox escape vulnerability to gain...

Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple through Coordinated Vulnerability Disclosure CVD via Microsoft Security Vulnerability Research MSVR in October...

Apple tvOS 权限许可和访问控制问题漏洞

Apple tvOS is a set of smart TV operating systems from Apple, Inc. A vulnerability exists in Apple tvOS versions 15.0 19J346 - 15.4.1 19L452 with privilege permission and access control issues, which stems from a sandbox bypass in LaunchServices. An attacker can exploit this vulnerability to bypa...

The vulnerability of the Launch Services service for iOS, iPadOS, tvOS, watchOS, and macOS allows a hacker to escape from the isolated software environment.

The vulnerability of the Launch Services service for iOS, iPadOS, tvOS, watchOS, and macOS is related to security configuration errors. Exploiting this vulnerability can allow a perpetrator to escape from a isolated software environment...

PT-2021-18924 · Apple +1 · Apple Macos +1

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.0.1 macOS Big Sur versions prior to 11.6.6 Description: A logic issue was addressed with improved state management. This issue allows a sandboxed process to potentially circumvent sandbox restrictions. The...

The vulnerability of the iOS operating system allows attackers to bypass event handlers and modify events of arbitrary applications.

The vulnerability of the XPC Services software interface in the LaunchServices component of the iOS operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass event handler restrictions and modify events of arbitrary application...

CVE-2016-1760

The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app...

The vulnerability of the iOS operating system allows a perpetrator to execute arbitrary code with elevated privileges or cause a service failure.

The vulnerability of the LaunchServices component in the iOS operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges or cause a service failure using a specially crafted plist object...

Apple Mac OS X 10.5.x Mail Arbitrary Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26510/info Apple Mac OS X is prone to a vulnerability that can allow arbitrary code to run. This issue affects the Mail application when handling email attachments. Attackers can exploit this issue to execute arbitrary co...

Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004

The remote host is missing Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004. One or more of the following components are affected: Alias Manager CoreTypes c++filt Dock Launch Services Net-SNMP Ruby SMB File Server System Configuration Tomcat VPN WebKit OpenVAS Vulnerability Test Mac OS ...

Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002

The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Mac OS X Security Update 2009-005

The remote host is missing Security Update 2009-005. One or more of the following components are affected: Alias Manager CarbonCore ClamAV ColorSync CoreGraphics CUPS Flash Player plug-in ImageIO Launch Services MySQL PHP SMB Wiki Server OpenVAS Vulnerability Test Mac OS X Security Update 2009-00...

Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002

The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002. One or more of the following components are affected: Apache ATS BIND CFNetwork CoreGraphics Cscope CUPS Disk Images enscript Flash Player plug-in Help Viewer iChat International Components for Unicode IPSec...