About the security content of watchOS 11.5

About the security content of watchOS 11.5 This document describes the security content of watchOS 11.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...

SUSE CVE-2009-0155

Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file that triggers a heap-based...

Oracle VirtualBox < 5.1.30 / < 5.2-rc1 - Guest to Host Escape

SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities Source: https://blogs.securiteam.com/index.php/archives/3649 Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle VirtualBox version 5.1.30, and VirtualBox version 5.2-rc1...

CVE-2016-7627

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreGraphics" component. It allows attackers to cause a denial of service NULL pointer dereference and application crash via ...

Denial of Service Vulnerability in CoreGraphics Component of Multiple Apple Products

Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; watchOS is a smartwatch operating system. coreGraphics is a component of iOS that is a built-in graphics framework. A security vulnerability exists in the CoreGraphics component in...

Apple OS X CoreGraphics Information Disclosure Vulnerability

Apple OS X is a specialized operating system developed by Apple for Mac computers.CoreGraphics is a built-in graphics framework for iOS. A security vulnerability exists in CoreGraphics in Apple OS X versions prior to 10.11.6. A local attacker could exploit this vulnerability to obtain sensitive...

Apple Core Graphics BMP Framework img_decode_read Remote Code Execution Vulnerability

Apple's CoreGraphics library is an API for users to create and manipulate graphic elements. A remote code execution vulnerability exists in Apple OS X and iOS when working with BMP images. An attacker could use this vulnerability to embed malicious exploit code in a BMP image resulting in an...

Apple Core Graphics BMP Framework img_decode_read Remote Code Execution Vulnerability

SUMMARY An exploitable out of bounds write exists in the handling of BMP images on Apple OS X and iOS. A crafted BMP document can lead to an out of bounds write resulting in remote code execution. Vulnerability can be triggered via a saved BMP file delivered by other means when opened in any...

freetype: FT_Bitmap_New integer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation

FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted font, a different vulnerability than CVE-2011-0226...

Apple Mac OS X memory corruption

Memory corruption in Core Graphics on PDf files parsing...