CVE-2015-7082

Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases...

CVE-2015-7057

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted mach-o file, a different vulnerability than CVE-2015-7049...

CVE-2015-7056

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern...

CVE-2015-7049

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted mach-o file, a different vulnerability than CVE-2015-7057...

Information disclosure

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern...

Code injection

Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases...

Memory corruption

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted mach-o file, a different vulnerability than CVE-2015-7057...

Memory corruption

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted mach-o file, a different vulnerability than CVE-2015-7049...

CVE-2015-7057

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted mach-o file, a different vulnerability than CVE-2015-7049...

CVE-2015-7049

CVE-2015-7049 affects Apple Xcode before 7.2, via the otools component’s handling of Mach-O files. The underlying issue allows local users to gain privileges or cause a denial of service (memory corruption). This is a separate vulnerability from CVE-2015-7057, which also targets otools Mach-O pro...

CVE-2015-7082

CVE-2015-7082 refers to multiple unspecified vulnerabilities in Git prior to 2.5.4, as used by Apple Xcode prior to 7.2. The connected document details a concrete root cause: a flaw in the git-remote-ext component that can be triggered by handling a specially crafted URL, enabling a remote attack...

CVE-2015-7057

Apple Xcode before 7.2 is affected by CVE-2015-7057 due to otools handling Mach-O files, enabling local privilege escalation or denial of service via a crafted Mach-O file. The vulnerability is tied to memory corruption in otools when processing Mach-O inputs. Affected product is Xcode (Mac OS X)...

CVE-2015-7056

Apple Xcode prior to 7.2 is affected by CVE-2015-7056 due to a failure of the IDE SCM to honor .gitignore directives. This allows remote attackers to disclose sensitive information by exploiting the presence of a file that matches an ignore pattern. The issue is corroborated by multiple sources i...

CVE-2015-7082

Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases...

CVE-2015-7056

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern...

CVE-2015-7049

otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted mach-o file, a different vulnerability than CVE-2015-7057...

Apple Patches 50+ Vulnerabilities in iOS, OS X, Safari

Apple has piled on the patches already released by Adobe and Microsoft today, and pushed out updates for iOS, OS X, Apple TV, Safari, and it’s watch-based operating system watchOS this afternoon. Fifty-four vulnerabilities across OS X were patched Tuesday, including fixes for Mavericks v10.9.5, O...

Apple Releases Multiple Security Updates

Apple has released security updates for iOS, tvOS, OS X, watchOS, Safari, and Xcode to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system. Updates available include: iOS 9.2 for iPhone 4s and later, iPod touch 5th generation and late...

XcodeGhost Malware Supports iOS9

New samples of XcodeGhost, malware targeting iOS devices, have surfaced beyond the borders of China with new support for iOS9 and obfuscation techniques making it that much harder to detect. iOS9 is only a few weeks old and included new security measures that allowed for only secure HTTPS...

Apple Xcode Swift Information Disclosure Vulnerability

Xcode is the development tool used on Apple machines. Versions of Apple Xcode prior to 7.1 have mishandled type conversions in the Swift implementation, allowing attackers to obtain sensitive information...