5 matches found
Exception-oriented exploitation on iOS
Posted by Ian Beer, Project Zero This post covers the discovery and exploitation of CVE-2017-2370, a heap buffer overflow in the machvoucherextractattrrecipetrap mach trap. It covers the bug, the development of an exploitation technique which involves repeatedly and deliberately crashing and how ...
Apple Mac OS X Multiple Vulnerabilities-02 (Feb 2017)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-2370
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or...
CVE-2017-2370
CVE-2017-2370 is a kernel vulnerability affecting iOS (pre-10.2.1), macOS (pre-10.12.3), tvOS (pre-10.1.1) and watchOS (pre-3.1.3). It stems from a linear heap buffer overflow in the kernel, triggered via an attacker-controlled length argument in a copyin-like path within mach_voucher_extract_att...
CVE-2017-2370
creationtimestamp| type| source ---|---|--- 2017-01-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41163...