6 matches found
Race condition
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "Security" component. A race condition allows attackers to bypass intended entitlement restrictions for sending XPC messages via a crafted app...
CVE-2017-7004
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "Security" component. A race condition allows attackers to bypass intended entitlement restrictions for sending XPC messages via a crafted app...
CVE-2017-7004
CVE-2017-7004 describes a race condition in userspace entitlement checks that could allow a local attacker to bypass entitlement restrictions and send privileged XPC messages. Affected products are Apple iOS prior to 10.3.2 and macOS prior to 10.12.5. The root cause is a race in how entitlements ...
Code injection
The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app...
CVE-2015-7016
The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app...
CVE-2015-7016
The CVE-2015-7016 issue affects Apple Mac OS X (MCX Application Restrictions) prior to OS X 10.11.1 where Managed Configuration mishandles provisioning profiles. This enables a crafted developer-signed app to bypass entitlement restrictions and gain privileges, due to a flaw in how provisioning p...