CVE-2015-1142

CVE-2015-1142 affects Apple OS X LaunchServices prior to 10.10.3, where crafted localization data can trigger a local denial-of-service (Finder crash). The NVD entry lists the impact as Denial of Service with partial availability impact, and the recommended remediation is to update to the latest ...

CVE-2015-1142

LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service Finder crash via crafted localization data...

CVE-2015-1143

LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue...

Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)

The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.3. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - Apache - ATS - Certificate Trust Policy - CFNetwork HTTPProtocol - CFNetwork Session - CFURL - CoreAnimation -...

Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)

The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-004. It is, therefore, affected multiple vulnerabilities in the following components : - Apache - ATS - Certificate Trust Policy - CoreAnimation - FontParser - Graphics Driver - ImageIO -...

Apple Mac OS X LaunchServices Denial of Service Vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. An input validation vulnerability in Apple Mac OS X LaunchServices handling application localization data allows local attackers to exploit the vulnerability to crash the detector...

Apple Mac OS X LaunchServices Arbitrary Code Execution Vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. A type confusion vulnerability in the handling of localized strings by Apple Mac OS X LaunchServices allows local attackers to execute arbitrary code...

CVE-2014-8826

LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive...

Design/Logic Flaw

LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive...

CVE-2014-8826

CVE-2014-8826 affects macOS/OS X prior to 10.10.2. The issue is that Gatekeeper quarantine checks are not applied to JAR files executed by Java, enabling bypass of Gatekeeper protections via a crafted JAR archive. The connected documents corroborate this as a Gatekeeper bypass scenario tied to qu...

CVE-2014-8826

LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive...

Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components : - bash - Bluetooth - CFNetwork Cache - CommerceKit Framework - CoreGraphics - CoreSymbolication - CPU Software - FontParser...

Mac OS X Multiple Vulnerabilities (Security Update 2015-001) (POODLE)

The remote host is running a version of Mac OS X 10.8 or 10.9 that does not have Security Update 2015-001 applied. This update contains several security-related fixes for the following components : - AFP Server - Bluetooth - CoreGraphics - CoreSymbolication - FontParser - Foundation - Intel...

Mac OS X < 10.10 Multiple Vulnerabilities (APPLE-SA-2014-10-16-1 OS X Yosemite v10.10)

Binary data 8555.prm...

CVE-2014-4437

LaunchServices in Apple OS X before 10.10 allows attackers to bypass intended sandbox restrictions via an application that specifies a crafted handler for the Content-Type field of an object...

Design/Logic Flaw

LaunchServices in Apple OS X before 10.10 allows attackers to bypass intended sandbox restrictions via an application that specifies a crafted handler for the Content-Type field of an object...

CVE-2014-4437

CVE-2014-4437 affects Apple OS X LaunchServices (pre-10.10). The flaw allows a sandboxed application to bypass restrictions by registering a crafted Content-Type handler for an object. Root cause: the LaunchServices interface allowed sandboxed apps to set content-type handlers, enabling sandbox b...

CVE-2014-4437

LaunchServices in Apple OS X before 10.10 allows attackers to bypass intended sandbox restrictions via an application that specifies a crafted handler for the Content-Type field of an object...

Mac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock)

The remote host is running a version of Mac OS X is prior to version 10.10. This update contains several security-related fixes for the following components : - 802.1X - AFP File Server - apache - App Sandbox - Bash - Bluetooth - Certificate Trust Policy - CFPreferences - CoreStorage - CUPS - Doc...

Apple Mac OS X Multiple Vulnerabilities -08 (Sep 2014)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...