4 matches found
About the security content of macOS Sierra 10.12.5, Security Update 2017-002 El Capitan, and Security Update 2017-002 Yosemite - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Apple MacOS NSUnarchiver Heap Corruption(CVE-2017-2523)
Via NSUnarchiver we can read NSBuiltinCharacterSet with a controlled serialized state. It reads a controlled int using decodeValueOfObjCType:"i" then either passes it to CFCharacterSetGetPredefined or uses it directly to manipulate NSBuiltinSetTable. Neither path has any bounds checking and the...
CVE-2017-2523
creationtimestamp| type| source ---|---|--- 2017-05-23 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42050...
CVE-2017-2523
CVE-2017-2523 is a memory-corruption vulnerability in Apple’s Foundation framework that affects multiple platforms. Affected software versions: iOS prior to 10.3.2, macOS prior to 10.12.5, tvOS prior to 10.2.1, and watchOS prior to 3.2.2. The issue allows remote attackers to execute arbitrary cod...