Lucene search

7640 matches found

GoogleProjectZero • added 2014/10/01 12:0 a.m. • 37 views

More Mac OS X and iPhone sandbox escapes and kernel bugs

Posted by Ian Beer. A couple of weeks ago Apple released OS X 10.9.5 and iOS 8 which fixed a number of sandbox escapes and privilege escalation bugs found by Project Zero. All-bar-one of these bugs were found via manual source code auditing where there was source and binary analysis where there...

CVSS 10 • AI score 7.4 • EPSS 0.84178
Exploits 15

FreeBSD • added 2014/09/30 12:0 a.m. • 73 views

Joomla! -- Core - Remote File Execution/Denial of Service vulnerabilities

The JSST and the Joomla! Security Center report: 20140903 - Core - Remote File Inclusion Inadequate checking allowed the potential for remote files to be executed. 20140904 - Core - Denial of Service Inadequate checking allowed the potential for a denial of service attack...

CVSS 7.5 • AI score 6.4 • EPSS 0.55126
Exploits 6 • References 4

Joomla! Vulnerable Extensions List • added 2014/09/24 12:0 a.m. • 102 views

[20140903] - Core - Remote File Inclusion

Inadequate checking allowed the potential for remote files to be executed...

CVSS 7.5 • AI score 6.4 • EPSS 0.55126
Exploits 6 • Affected Software 1

Joomla! Vulnerable Extensions List • added 2014/09/24 12:0 a.m. • 74 views

[20140904] - Core - Denial of Service

Inadequate checking allowed the potential for a denial of service attack...

CVSS 5 • AI score 6.2 • EPSS 0.01319
Exploits 0 • Affected Software 1

FreeBSD • added 2014/09/23 12:0 a.m. • 63 views

Joomla! -- Core - Unauthorized Login vulnerability

The JSST and the Joomla! Security Center report: 20140902 - Core - Unauthorized Logins Inadequate checking allowed unauthorized logins via LDAP authentication...

CVSS 7.5 • AI score 6.5 • EPSS 0.01716
Exploits 0 • References 3

OpenVAS • added 2014/09/23 12:0 a.m. • 20 views

Panda Internet Security Heap Based Buffer Overflow (Sep 2014)

Panda Internet Security is prone to heap based buffer overflow vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 7.2 • AI score 7 • EPSS 0.00571
Exploits 0 • References 3

FreeBSD • added 2014/09/23 12:0 a.m. • 38 views

libvncserver -- multiple security vulnerabilities

Nicolas Ruff reports: Integer overflow in MallocFrameBuffer on client side. Lack of malloc return value checking on client side. Server crash on a very large ClientCutText message. Server crash when scaling factor is set to zero. Multiple stack overflows in File Transfer feature...

CVSS 7.5 • AI score 8.9 • EPSS 0.08272
Exploits 1 • References 1

Prion • added 2014/09/19 10:55 a.m. • 12 views

Design/Logic Flaw

An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application...

CVSS 9.3 • AI score 7.3 • EPSS 0.03448
Exploits 0 • References 5 • Affected Software 1

CVE • added 2014/09/19 10:0 a.m. • 55 views

CVE-2014-4402

CVE-2014-4402 is an Apple OS X vulnerability affecting OS X versions prior to 10.9.5. It concerns an unspecified IOAcceleratorFamily function that lacks proper bounds checking on read operations, allowing an attacker to execute arbitrary code in a privileged context via a crafted application. The...

CVSS 9.3 • AI score 7.1 • EPSS 0.03448
Exploits 0 • References 5 • Affected Software 1

Cvelist • added 2014/09/19 10:0 a.m. • 16 views

CVE-2014-4402

An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application...

AI score 7.2 • EPSS 0.03448
Exploits 0 • References 5

NVD • added 2014/09/18 10:55 a.m. • 17 views

CVE-2014-4380

The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application...

CVSS 9.3 • AI score 6.8 • EPSS 0.03218
Exploits 0 • References 12

NVD • added 2014/09/18 10:55 a.m. • 22 views

CVE-2014-4381

Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application...

CVSS 9.3 • AI score 6.9 • EPSS 0.03424
Exploits 0 • References 10

Prion • added 2014/09/18 10:55 a.m. • 22 views

Design/Logic Flaw

An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application...

CVSS 7.1 • AI score 5.9 • EPSS 0.02174
Exploits 0 • References 9 • Affected Software 3

Prion • added 2014/09/18 10:55 a.m. • 22 views

Design/Logic Flaw

Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application...

CVSS 9.3 • AI score 7.3 • EPSS 0.03424
Exploits 0 • References 10 • Affected Software 3

Prion • added 2014/09/18 10:55 a.m. • 20 views

Design/Logic Flaw

The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application...

CVSS 9.3 • AI score 7.1 • EPSS 0.03218
Exploits 0 • References 12 • Affected Software 3

Cvelist • added 2014/09/18 10:0 a.m. • 22 views

CVE-2014-4379

An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application...

AI score 6.5 • EPSS 0.02174
Exploits 0 • References 9

CVE • added 2014/09/18 10:0 a.m. • 62 views

CVE-2014-4381

CVE-2014-4381 (Libnotify) affects Apple TV 3rd generation and later (before TV OS 7). The vulnerability is an out-of-bounds write in Libnotify, enabling a crafted application to execute arbitrary code with root privileges. Public docs mention this CVE among Apple TV 7 updates; remediation is to i...

CVSS 9.3 • AI score 7 • EPSS 0.03424
Exploits 0 • References 10 • Affected Software 1

CVE • added 2014/09/18 10:0 a.m. • 69 views

CVE-2014-4380

Concretely, CVE-2014-4380 is tied to IOHIDFamily in macOS (OS X Yosemite 10.10.x up to 10.10.2). The issue is a heap buffer overflow in IOHIDFamily's handling of key-mapping properties that could allow a local user to execute arbitrary code with system privileges. Mitigation in the connected doc ...

CVSS 9.3 • AI score 8.5 • EPSS 0.03218
Exploits 0 • References 12 • Affected Software 1

Cvelist • added 2014/09/18 10:0 a.m. • 25 views

CVE-2014-4381

Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application...

AI score 6.9 • EPSS 0.03424
Exploits 0 • References 10

Cvelist • added 2014/09/18 10:0 a.m. • 23 views

CVE-2014-4380

The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application...

AI score 7 • EPSS 0.03218
Exploits 0 • References 12