EUVD-2016-8465
Malware in sbrugna...
Apple iOS 10.2 (14C92) - Remote Code Execution Exploit
Exploit for iOS platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1317c3 The exploit achieves R/W access to the host's physical memory. This exploit has been tested on the iPhone 7, iOS 10.2 14C92. To run the exploit against different devices o...
Apple iOS 10.2 (14C92) - Remote Code Execution
Apple iOS 10.2 14C92 - Remote Code Execution Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1317c3 The exploit achieves R/W access to the host's physical memory. This exploit has been tested on the iPhone 7, iOS 10.2 14C92. To run the exploit against different devices or...
Apple iOS 10.2 (14C92) - Remote Code Execution
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1317c3 The exploit achieves R/W access to the host's physical memory. This exploit has been tested on the iPhone 7, iOS 10.2 14C92. To run the exploit against different devices or versions, the symbols must be adjusted. The attache...
Remote Wi-Fi Attack Backdoors iPhone 7
Google on Tuesday disclosed details and a proof-of-concept exploit for a Wi-Fi firmware vulnerability in Broadcom chipsets patched this week in iOS 11. The attack enables code execution and persistent presence on a compromised device. “The exploit gains code execution on the Wi-Fi firmware on the...
Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response
Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1289 The exploit gains code execution on the Wi-Fi firmware on the iPhone 7. The exploit has been tested against the Wi-Fi firmware as...
Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1289 The exploit gains code execution on the Wi-Fi firmware on the iPhone 7. The exploit has been tested against the Wi-Fi firmware as present on iOS 10.2 14C92, but should work on all versions of iOS up to 10.3.3 included. However...
CVE-2016-7643
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of servi...
Memory corruption
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of...
Code injection
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Graphics Driver" component, which allows remote attackers to cause a denial of service via a crafted video...
Memory corruption
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of...
Out-of-bounds
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of servi...
CVE-2016-7594
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ICU" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and...
CVE-2016-7610
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2016-7638
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Find My iPhone" component, which allows physically proximate attackers to disable this component by bypassing authentication...
Apple macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1004 mach_voucher_extract_attr_recipe_trap is a mach trap which can be called from any context. Here's the code: kern_return_t mach_voucher_extract_attr_recipe_trap(struct mach_voucher_extract_attr_recipe_args *args) { ipc_voucher_t voucher = IV_NULL;...
Apple macOS 10.12.1 iOS 10.2 - Kernel Userspace Pointer Memory Corruption
Apple macOS 10.12.1 iOS 10.2 - Kernel Userspace Pointer Memory Corruption Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1004 mach_voucher_extract_attr_recipe_trap is a mach trap which can be called from any context. Here's the code: kern_return_t mach_voucher_extract_attr_recipe_trap(struct...
macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption Vulnerability
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1004 mach_voucher_extract_attr_recipe_trap is a mach trap which can be called from any context. Here's the code: kern_return_t mach_voucher_extract_attr_recipe_trap(struct...
CVE-2016-7586
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted we...
Apple macOS 10.12.1 iOS 10.2 - powerd Arbitrary Port Replacement
Apple macOS 10.12.1 iOS 10.2 - powerd Arbitrary Port Replacement Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=976 powerd running as root hosts the com.apple.PowerManagement.control mach service. It checks in with launchd to get a server port and then wraps that in a CFPort:...