CVE-2016-4697

Apple HSSPI Support in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2016-4697

Apple HSSPI Support in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2016-4697

The connected ZDI advisory CVE-2016-4697 details a local privilege-escalation in Apple OS X via the AppleHSSPIHIDDriver (kernel extension). The root cause is a buffer-overflow-like flaw caused by insufficient validation of the length of user-supplied data before copying it to a buffer, permitting...