Apple iOS Code Signature Bypass Vulnerability (CNVD-2015-05539)

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability exists in Apple iOS that allows a local attacker to execute unsigned code by exploiting a code signing flaw...

[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability

OS X Gatekeeper Bypass Vulnerability Amplia Security - Amplia Security Research Advisory AMPLIA-ARA100614 Advisory ID: AMPLIA-ARA100614 Advisory URL: http://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html, http://www.ampliasecurity.com/advisories/AMPLIA-ARA100614.txt...

Apple Mac OSX 10.10.x - GateKeeper Bypass

Apple Mac OSX 10.10.x - GateKeeper Bypass Exploit Title: OS X Gatekeeper bypass Vulnerability Date: 01-27-2015 Exploit Author: Amplia Security Research Vendor Homepage: www.apple.com Version: OS X Lion, OS X Mountain Lion, OS X Mavericks, OS X Yosemite Tested on: OS X Lion, OS X Mountain Lion, OS...

OS X Gatekeeper Bypass

OS X Gatekeeper Bypass Vulnerability Amplia Security - Amplia Security Research Advisory AMPLIA-ARA100614 Advisory ID: AMPLIA-ARA100614 Advisory URL: http://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html, http://www.ampliasecurity.com/advisories/AMPLIA-ARA100614.txt...

OS X < 10.10.x - Gatekeeper bypass Vulnerability

A malicious Jar file can bypass all OS X Gatekeeper warnings and protections, allowing a remote attacker to execute arbitrary unsigned code downloaded by the user. Java must be installed on the victim's machine. Exploit Title: OS X Gatekeeper bypass Vulnerability Date: 01-27-2015 Exploit Author:...

Apple Mac OSX &lt; 10.10.x - GateKeeper Bypass

Exploit Title: OS X Gatekeeper bypass Vulnerability Date: 01-27-2015 Exploit Author: Amplia Security Research Vendor Homepage: www.apple.com Version: OS X Lion, OS X Mountain Lion, OS X Mavericks, OS X Yosemite Tested on: OS X Lion, OS X Mountain Lion, OS X Mavericks, OS X Yosemite CVE :...

Apple iOS multiple security vulnerabilities

Information leakage, unsigned code execution, code execution, restrictions bypass, memory corruption...

Apple TV multiple security vulnerabilities

Memory corruptions, unsigned code execution, privilege escalation...

APPLE-SA-2013-03-19-2 Apple TV 5.2.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-19-2 Apple TV 5.2.1 Apple TV 5.2.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: A local user may be able to execute unsigned code Description: A state management issue...

7: bypass of the security level setting in browser plugin (Deployment, SE-2012-01 Issue 53)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...

Security feature bypass

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...

CVE-2013-1489

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...

CVE-2013-1489

Technical details for CVE-2013-1489 are not provided in the supplied documents. Monitor for updates.

Absinthe Jailbreak for iPhone 4S Released

Less than three weeks after releasing a new jailbreak for iPhones running iOS 5.01, a team of researchers has now published a similar tool for jailbreaking the iPhone 4S and iPad2. The Absinthe jailbreak tool will allow users to run unsigned code on their devices and load apps from places other...

CVE-2011-3442

The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app...

Demo of Charlie Miller's iOS Code-Signing Bug

Security researcher Charlie Miller of Accuvant discovered a vulnerability in the Apple iOS software that enables him to use an app he placed in the iTunes App Store to download unsigned code from a remote Web server and run it on any iOS device. In this video, he demonstrates the app and the way...

Apple Drops Researcher From Dev Program Over iOS Bug Demo App

Just a few hours after it became public the security researcher Charlie Miller had inserted a proof-of-concept app into the Apple App Store to demonstrate a serious vulnerability in iOS, Apple informed Miller that it was removing him from its developer program. Miller had created the app, which i...

New iOS Bug Lets Apps Run Unsigned Code

There is a bug in Apple iOS that enables an attacker to run unsigned code on a user’s device, circumventing the company’s checks on apps in the iTunes App Store. The bug, which researcher Charlie Miller identified, can be exploited by an app to take actions on the device without the user’s...

Oracle Java Applet2ClassLoader Vulnerability

Added: 05/05/2011 CVE: CVE-2010-4452 BID: 46388 OSVDB: 71193 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1252)

The XML signature checker did not impose limits on the minimum length of HMAC signatures in XML documentes. Attackers could therefore specify a length of e.g. 1 to make the signature appear valid and therefore effectively bypass verification of XML documents. CVE-2009-0217 The WebStart component...