5 matches found
Design/Logic Flaw
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofi...
Apple MacOS High Sierra disabled account authentication bypass
Overview Apple MacOS High Sierra fails to properly require authentication for disabled accounts, such as root account, which can allow an authenticated user to obtain root privileges. Description Apple MacOS High Sierra 10.13 contains a flaw in how it authenticates disabled accounts. When a...
MacOS 10.13 root Authentication Bypass (Security Update 2017-001)
The remote host is running a version of MacOS 10.13 or 10.13.1 that is missing a security update. It is, therefore, affected by a root authentication bypass vulnerability. A local attacker or a remote attacker with credentials for a standard user account has the ability to blank out the root...
Apple Mac OS X Multiple Arbitrary Code Execution Vulnerabilities - 01 - (HT208221)
Apple Mac OS X is prone to multiple arbitrary code execution vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite
About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite This document describes the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite. About Apple security...