Lucene search
K

4 matches found

Exploit DB
Exploit DB
added 2019/01/25 12:0 a.m.282 views

iOS/macOS - 'task_swap_mach_voucher()' Use-After-Free

/ voucherswap-poc.c Brandon Azad / if 0 iOS/macOS: taskswapmachvoucher does not respect MIG semantics leading to use-after-free The dangers of not obeying MIG semantics have been well documented: see issues 926 CVE-2016-7612, 954 CVE-2016-7633, 1417 CVE-2017-13861, asyncwake, 1520 CVE-2018-4139,...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2017/12/11 12:0 a.m.119 views

Apple macOS/iOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG Ownership Rules

I have previously detailed the lifetime management paradigms in MIG in the writeups for: CVE-2016-7612 https://bugs.chromium.org/p/project-zero/issues/detail?id=926 and CVE-2016-7633 https://bugs.chromium.org/p/project-zero/issues/detail?id=954 If a MIG method returns KERNSUCCESS it means that th...

9.3CVSS7.1AI score0.04229EPSS
Exploits7
CVE
CVE
added 2017/02/20 8:35 a.m.123 views

CVE-2016-7633

CVE-2016-7633 affects macOS Sierra with Directory Services. The bug is a use-after-free that can be triggered locally to escalate privileges or cause a denial of service. Affected product: macOS Sierra 10.12.x (pre-10.12.2). Root cause details are not fully disclosed in the provided documents, bu...

7.8CVSS6.2AI score0.01275EPSS
Exploits6References4Affected Software1
Circl
Circl
added 2016/12/22 12:0 a.m.15 views

CVE-2016-7633

creationtimestamp| type| source ---|---|--- 2016-12-22 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40954...

7.8CVSS6.8AI score0.01275EPSS
Exploits6References1
Rows per page
Query Builder