Apple macOS CoreSymbolication Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreSymbolication framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists...

Heap-based Buffer Overflow

Description Heap-based buffer overflow in coresymbolication:272 Environment radare2 5.6.9 0 @ linux-x86-64 git. commit: 5.6.9 build: 2022-04-1923:49:49 Build export CC=gcc CXX=g++ CFLAGS="-fsanitize=address -static-libasan" CXXFLAGS="-fsanitize=address -static-libasan" LDFLAGS="-fsanitize=address...

CVE-2014-8817

coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpcdictionarygetvalue A...

Command injection

coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpcdictionarygetvalue A...

CVE-2014-8817

CVE-2014-8817 affects CoreSymbolicationd in CoreSymbolication on macOS up to OS X 10.10.1. The flaw is improper verification of data types in XPC messages, specifically during handling of commands (match_mmap_archives, delete_mmap_archives, write_mmap_archive, read_mmap_archive), due to missing v...

CVE-2014-8817

coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpcdictionarygetvalue A...

Mac OS X Multiple Vulnerabilities (Security Update 2015-001) (POODLE)

The remote host is running a version of Mac OS X 10.8 or 10.9 that does not have Security Update 2015-001 applied. This update contains several security-related fixes for the following components : - AFP Server - Bluetooth - CoreGraphics - CoreSymbolication - FontParser - Foundation - Intel...

Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components : - bash - Bluetooth - CFNetwork Cache - CommerceKit Framework - CoreGraphics - CoreSymbolication - CPU Software - FontParser...