Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201512-0124 CVE-2015-7098 Apple iOS Used in etc. WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious web page. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit of several Apple products. The following products and versions are affected: Apple iOS 9.1 and earlier, Safari 9.0.1 and earlier, tvOS 9.0 and earlier. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWa0HxAAoJEBcWfLTuOo7tL3sP/3IMYdGz6mTS98t6/aMJx8Ew okyR8nBT2M3ALNVxTJeVxRbHc11f75x9DVJMV4Q291MRqeX3b7wHBcvoizmOM66c bWNIqRdIYVub+WWwljBuzdsPIT0d9NlY8Htz9dbwtWmTPACYNKYr9ZUO1T9ntSer WCEBRql2VlpOpr12FfpRc2I52BisIF1pVm24QmsVfgJM156lWxFAjC+i6ESOeBnd waL4T5aw7+mZuoIbUSQvVsjEo2ay5wglAvPhYDlwpEMEY+w0U0E077qr/6LiLf9B MtxIz6i/rtPD4Ak+rKLdAbAGah0nWvVPomo4KI+xS+kxlmxEQY2Q7dUzDpCmviho ZMEgjoEFAouUa+mQC0w+CSxMyO5MS5ZDoZo14DHfkB978DDBjW88xAky4Row5gjX 97ZJ/+933eYqrcNLjc74CNoTDHw22YQ9bys05qJ2FovoTu0s+qsVWhx5tEehxJLr RTvBfc/49JNTracvb/uK7ShbUc9u6qj9g5tHCgLqU6KwFj/vafF5d/lQph4gz6NQ 2xAxKCQjzS6Hqalj0xjmw51b2rxZXjXW2Q4itRa+BVbG8Eb8Frp5yzj5h/m/pS5/ 5/yMR9vYDYXN8psVrSSPhFtpCz0jloeAWsSJk5nM+ReH4sUwRyS3dV7ONfyDxtvo jIfn9cPnOmCwLLCZl2E9 =eKwE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple vulnerabilities Date: June 07, 2017 Bugs: #543650, #573656, #577068, #608958, #614876, #619788 ID: 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4" References ========== [ 1 ] CVE-2015-2330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330 [ 2 ] CVE-2015-7096 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096 [ 3 ] CVE-2015-7098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098 [ 4 ] CVE-2016-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723 [ 5 ] CVE-2016-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724 [ 6 ] CVE-2016-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725 [ 7 ] CVE-2016-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726 [ 8 ] CVE-2016-1727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727 [ 9 ] CVE-2016-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728 [ 10 ] CVE-2016-4692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692 [ 11 ] CVE-2016-4743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743 [ 12 ] CVE-2016-7586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586 [ 13 ] CVE-2016-7587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587 [ 14 ] CVE-2016-7589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589 [ 15 ] CVE-2016-7592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592 [ 16 ] CVE-2016-7598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598 [ 17 ] CVE-2016-7599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599 [ 18 ] CVE-2016-7610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610 [ 19 ] CVE-2016-7611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611 [ 20 ] CVE-2016-7623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623 [ 21 ] CVE-2016-7632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632 [ 22 ] CVE-2016-7635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635 [ 23 ] CVE-2016-7639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639 [ 24 ] CVE-2016-7640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640 [ 25 ] CVE-2016-7641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641 [ 26 ] CVE-2016-7642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642 [ 27 ] CVE-2016-7645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645 [ 28 ] CVE-2016-7646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646 [ 29 ] CVE-2016-7648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648 [ 30 ] CVE-2016-7649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649 [ 31 ] CVE-2016-7652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652 [ 32 ] CVE-2016-7654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654 [ 33 ] CVE-2016-7656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656 [ 34 ] CVE-2016-9642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642 [ 35 ] CVE-2016-9643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643 [ 36 ] CVE-2017-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350 [ 37 ] CVE-2017-2354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354 [ 38 ] CVE-2017-2355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355 [ 39 ] CVE-2017-2356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356 [ 40 ] CVE-2017-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362 [ 41 ] CVE-2017-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363 [ 42 ] CVE-2017-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364 [ 43 ] CVE-2017-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365 [ 44 ] CVE-2017-2366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366 [ 45 ] CVE-2017-2367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367 [ 46 ] CVE-2017-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369 [ 47 ] CVE-2017-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371 [ 48 ] CVE-2017-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373 [ 49 ] CVE-2017-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376 [ 50 ] CVE-2017-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377 [ 51 ] CVE-2017-2386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386 [ 52 ] CVE-2017-2392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392 [ 53 ] CVE-2017-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394 [ 54 ] CVE-2017-2395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395 [ 55 ] CVE-2017-2396 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396 [ 56 ] CVE-2017-2405 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405 [ 57 ] CVE-2017-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415 [ 58 ] CVE-2017-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419 [ 59 ] CVE-2017-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433 [ 60 ] CVE-2017-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442 [ 61 ] CVE-2017-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445 [ 62 ] CVE-2017-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446 [ 63 ] CVE-2017-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447 [ 64 ] CVE-2017-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454 [ 65 ] CVE-2017-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455 [ 66 ] CVE-2017-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457 [ 67 ] CVE-2017-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459 [ 68 ] CVE-2017-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460 [ 69 ] CVE-2017-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464 [ 70 ] CVE-2017-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465 [ 71 ] CVE-2017-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466 [ 72 ] CVE-2017-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468 [ 73 ] CVE-2017-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469 [ 74 ] CVE-2017-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470 [ 75 ] CVE-2017-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471 [ 76 ] CVE-2017-2475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475 [ 77 ] CVE-2017-2476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476 [ 78 ] CVE-2017-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481 [ 79 ] CVE-2017-2496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496 [ 80 ] CVE-2017-2504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504 [ 81 ] CVE-2017-2505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505 [ 82 ] CVE-2017-2506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506 [ 83 ] CVE-2017-2508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508 [ 84 ] CVE-2017-2510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510 [ 85 ] CVE-2017-2514 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514 [ 86 ] CVE-2017-2515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515 [ 87 ] CVE-2017-2521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521 [ 88 ] CVE-2017-2525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525 [ 89 ] CVE-2017-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526 [ 90 ] CVE-2017-2528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528 [ 91 ] CVE-2017-2530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530 [ 92 ] CVE-2017-2531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531 [ 93 ] CVE-2017-2536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536 [ 94 ] CVE-2017-2539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539 [ 95 ] CVE-2017-2544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544 [ 96 ] CVE-2017-2547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547 [ 97 ] CVE-2017-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549 [ 98 ] CVE-2017-6980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980 [ 99 ] CVE-2017-6984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201706-15 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --NcNxMnppmhackEL27c23XhPLDAAQ7GQcq-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-5 Safari 9.0.2 Safari 9.0.2 is now available and addresses the following: WebKit Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple CVE-2015-7104 : Apple WebKit Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan 10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: Safari 9.0.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRXAAoJEBcWfLTuOo7tp/kP/1QG495DAo4BKcJwr5oHxeK+ V0cld44Ot1F9+m8Pd2Il5kkE2mxEGnvOdtEQM0mOT80qfdTVi9zD4ypnFWkBcob1 tV0hEa7/LxMe1OtDMeeNM+qW22Ap6RO8o7v6mCzdn72ds0xSmiPFGuQ1RiRflKRj MjU+k61a3oEe2/rkvbBfuDSIm+4yZo1PjTDI02UoD5JC2nJ0Dlk6978hF6lLSrCv 28UR0i6NijI3Wa2Uq3gSA+qY9bo02sC1XOEveTfftLUfl1QOID0VZGHHnrao4mfx LpxYJR2XJpTvNs1x3lCOcTYWJr4Ju99/ZFkHneAj2OQEvOhP/CHuqUmUglHW9UMW CwQKAVZD242e6qPUu0xaW/nH4dQHbridWPWR3MfwiFj6Vbzc3Wpc+tx7LGdlFuhG 9/goo4MMI7QFdxFXD3bbcOhYRi6DbqJUSxTvWfpC2sssFmZ/N5kmr0w2ccXMUAGc Ez2M8Wm+gVYlCeBMS3rtPkxVcayzHZnxhj+3Fa7Qh3FAY9NdnJ/UA6xJdPrQvTpd DJsQUIK9Ung2c1D3kGGN6QgnUCgL3CtZ7RCSgPD8Zqs4q6Zhuwq6uquC3EDIZO2y HgMF1dRKihaXV5URz9IXfQAHQvbR1PD5e/KuL32bEtXwE0Oxocp1jTrIeIrW71JZ 2qcwUzBx5TzaQfLl+Rk1 =7iMd -----END PGP SIGNATURE----- . ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2016-0001 ------------------------------------------------------------------------ Date reported : February 01, 2016 Advisory ID : WSA-2016-0001 Advisory URL : http://webkitgtk.org/security/WSA-2016-0001.html CVE identifiers : CVE-2015-7096, CVE-2015-7098. Several vulnerabilities were discovered on WebKitGTK+. CVE-2015-7096 Versions affected: WebKitGTK+ before 2.10.5. Credit to Apple. CVE-2015-7098 Versions affected: WebKitGTK+ before 2.10.5. Credit to Apple. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: http://webkitgtk.org/security.html The WebKitGTK+ team, February 01, 2016
VAR-201512-0116 CVE-2015-7082 Apple Xcode Used in Git Vulnerability in CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases. This vulnerability Xcode Relevant only when using.It may be affected unspecified. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. Git is a free and open source distributed version control system developed by American software developer Linus Torvalds. A security vulnerability exists in Git 2.5.3 and earlier versions used in Apple Xcode 7.1.1 and earlier versions. Attackers can exploit this vulnerability to cause unknown effects. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-6 Xcode 7.2 Xcode 7.2 is now available and addresses the following: Git Available for: OS X Yosemite v10.10.5 or later Impact: Multiple vulnerabilities existed in Git Description: Multiple vulnerabilities existed in Git versions prior to 2.5.4. These were addressed by updating Git to version 2.5.4. CVE-ID CVE-2015-7082 IDE SCM Available for: OS X Yosemite v10.10.5 or later Impact: Intentionally untracked files may be uploaded to repositories Description: Xcode did not honor the .gitignore directive. This issue was addressed by adding support to honor .gitignore file. CVE-ID CVE-2015-7056 : Stephen Lardieri otools Available for: OS X Yosemite v10.10.5 or later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team CVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team Installation note: Xcode 7.2 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "7.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau FNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4 Ofg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t 6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h 1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT rnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr HCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu PQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI gPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O pPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi 5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH ObtqW74YB0YXaiw1ckGl =FxUB -----END PGP SIGNATURE-----
VAR-201512-0115 CVE-2015-7081 Apple iOS and Apple OS X of iBooks Vulnerable to reading arbitrary files CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. This case XML External entity (XXE) Vulnerability related to the problem. A security-bypass vulnerability 2. An information-disclosure vulnerability 3. A memory-corruption vulnerability An attacker can leverage these issues to obtain sensitive information, execute arbitrary code, bypass security restrictions. Failed exploit attempts will likely result in denial-of-service conditions. in the United States. The former is an operating system developed for mobile devices; the latter is a dedicated operating system developed for Mac computers. iBooks is one of the e-book reading components
VAR-201512-0117 CVE-2015-7083 plural Apple Vulnerability gained in the product kernel CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.2, watchOS 2.1, OS X 10.11.2, and tvOS 9.1 are vulnerable. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. Kernel is one of the kernel components. Security vulnerabilities exist in the kernel components of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-4 watchOS 2.1 watchOS 2.1 is now available and addresses the following: AppSandbox Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Compression Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of malformed media files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7075 dyld Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A segment validation issue existed in dyld. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple FontParser Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative GasGauge Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6979 : PanguTeam ImageIO Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero LaunchServices Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) OpenGL Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Sandbox Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A trust evaluation configured to require revocation checking may succeed even if revocation checking fails Description: The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag. CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRUAAoJEBcWfLTuOo7tDFcP/0eMRtPiazqLeAvYEhbHBBYX K9T4vuY0ridD8lmoOPIEjcZnlx2VfZJIeUlgRoWBi1gm5Hi9UoR/17wCSJBUK7an EwcR2zlwEwZK3Vb64ogyAr3CkV0646nMyTiBRoZT+vz/zTRxxh/7yxcGE0kc6h2m 1w4uiljcU/1DzMNbjWz7+TSOKRJLilumf2kzvRGS5WPRs/WN1xJ6bGA5aiY9+M0R 7QbgnTsLVU58jmo1iIJDGLUyQ/7iF+kALZa+IozKRXJjbrq31qkheGSMCquUgDQT 3MkNbMl+UwZQdWuUswjp/ZYZ1EJ3e1AFNKVwv4f79DpBDViquq9g13agnCExhvvK ByrCwL41emEwQ0rVZdtmfneCrTsUfWGkM4BSAcSLJAmsJ/H9gP/J11x8MK4qkd+q Xl4YKJtRE1ovkRlxpKQbJL14yXIXVXMCdXhwkU6HlyxX3qOw8Gop0/2AXuBIup7Q 4idJ+JJyLjv6mYL3CtgWh+D6HVpRSS2DeKjHP33F8qMNaD0zjjlx1qQ2MZ42gwI4 4g5gGHWaq9q4fCLdbIvfHdeeU54Xb8Q/rJ2CMuE3y0q7BzYzToJFt8xE5+kw1d+x 3Cfc2clhT7YJdg2i4JtakbAAGMybx2IqfO2Zjc2GIGPuZGUSxQKUFgtmfJDR0/4e Zgl367oS5NsHOKYGx4cn =gPGz -----END PGP SIGNATURE-----
VAR-201512-0113 CVE-2015-7079 Apple iOS and tvOS of dyld Vulnerable to arbitrary code execution in a privileged context CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app. Apple iOS and tvOS are prone to multiple arbitrary code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Apple iOS 9.2 Apple tvOS 9.1. in the United States. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system
VAR-201512-0112 CVE-2015-7078 Apple OS X Hypervisor vulnerabilities that can be granted privileges CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlBy local users VM Depending on the problem with the object, you may be able to get permission. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, bypass security restrictions and perform unauthorized actions. This may aid in other attacks. Hypervisor (also known as virtual machine monitor, VMM) is an intermediate software layer running between the physical server and the operating system, which allows multiple operating systems and applications to share a set of underlying physical hardware. A local attacker could exploit this vulnerability to gain privileges
VAR-201512-0111 CVE-2015-7077 Apple OS X of Intel Graphics Driver Vulnerability gained privileges in components CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, bypass security restrictions and perform unauthorized actions. This may aid in other attacks. Intel Graphics Driver is one of the graphics driver components
VAR-201512-0118 CVE-2015-7084 plural Apple Vulnerability gained in the product kernel CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.2, watchOS 2.1, OS X 10.11.2, and tvOS 9.1 are vulnerable. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. Kernel is one of the kernel components. Security vulnerabilities exist in the kernel components of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-4 watchOS 2.1 watchOS 2.1 is now available and addresses the following: AppSandbox Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Compression Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of malformed media files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7075 dyld Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A segment validation issue existed in dyld. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple FontParser Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative GasGauge Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6979 : PanguTeam ImageIO Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero LaunchServices Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) OpenGL Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Sandbox Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A trust evaluation configured to require revocation checking may succeed even if revocation checking fails Description: The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag. CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRUAAoJEBcWfLTuOo7tDFcP/0eMRtPiazqLeAvYEhbHBBYX K9T4vuY0ridD8lmoOPIEjcZnlx2VfZJIeUlgRoWBi1gm5Hi9UoR/17wCSJBUK7an EwcR2zlwEwZK3Vb64ogyAr3CkV0646nMyTiBRoZT+vz/zTRxxh/7yxcGE0kc6h2m 1w4uiljcU/1DzMNbjWz7+TSOKRJLilumf2kzvRGS5WPRs/WN1xJ6bGA5aiY9+M0R 7QbgnTsLVU58jmo1iIJDGLUyQ/7iF+kALZa+IozKRXJjbrq31qkheGSMCquUgDQT 3MkNbMl+UwZQdWuUswjp/ZYZ1EJ3e1AFNKVwv4f79DpBDViquq9g13agnCExhvvK ByrCwL41emEwQ0rVZdtmfneCrTsUfWGkM4BSAcSLJAmsJ/H9gP/J11x8MK4qkd+q Xl4YKJtRE1ovkRlxpKQbJL14yXIXVXMCdXhwkU6HlyxX3qOw8Gop0/2AXuBIup7Q 4idJ+JJyLjv6mYL3CtgWh+D6HVpRSS2DeKjHP33F8qMNaD0zjjlx1qQ2MZ42gwI4 4g5gGHWaq9q4fCLdbIvfHdeeU54Xb8Q/rJ2CMuE3y0q7BzYzToJFt8xE5+kw1d+x 3Cfc2clhT7YJdg2i4JtakbAAGMybx2IqfO2Zjc2GIGPuZGUSxQKUFgtmfJDR0/4e Zgl367oS5NsHOKYGx4cn =gPGz -----END PGP SIGNATURE-----
VAR-201512-0110 CVE-2015-7076 Apple OS X of Intel Graphics Driver Vulnerability gained privileges in components CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. http://cwe.mitre.org/data/definitions/476.htmlAuthorized by local user or service disruption (NULL Pointer dereference ) There is a possibility of being put into a state. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, bypass security restrictions and perform unauthorized actions. This may aid in other attacks. Intel Graphics Driver is one of the graphics card drivers
VAR-201512-0147 CVE-2015-7048 Apple iOS Used in etc. WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious web page. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit of several Apple products. The following products and versions are affected: Apple iOS 9.1 and earlier, Safari 9.0.1 and earlier, tvOS 9.0 and earlier. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWa0HxAAoJEBcWfLTuOo7tL3sP/3IMYdGz6mTS98t6/aMJx8Ew okyR8nBT2M3ALNVxTJeVxRbHc11f75x9DVJMV4Q291MRqeX3b7wHBcvoizmOM66c bWNIqRdIYVub+WWwljBuzdsPIT0d9NlY8Htz9dbwtWmTPACYNKYr9ZUO1T9ntSer WCEBRql2VlpOpr12FfpRc2I52BisIF1pVm24QmsVfgJM156lWxFAjC+i6ESOeBnd waL4T5aw7+mZuoIbUSQvVsjEo2ay5wglAvPhYDlwpEMEY+w0U0E077qr/6LiLf9B MtxIz6i/rtPD4Ak+rKLdAbAGah0nWvVPomo4KI+xS+kxlmxEQY2Q7dUzDpCmviho ZMEgjoEFAouUa+mQC0w+CSxMyO5MS5ZDoZo14DHfkB978DDBjW88xAky4Row5gjX 97ZJ/+933eYqrcNLjc74CNoTDHw22YQ9bys05qJ2FovoTu0s+qsVWhx5tEehxJLr RTvBfc/49JNTracvb/uK7ShbUc9u6qj9g5tHCgLqU6KwFj/vafF5d/lQph4gz6NQ 2xAxKCQjzS6Hqalj0xjmw51b2rxZXjXW2Q4itRa+BVbG8Eb8Frp5yzj5h/m/pS5/ 5/yMR9vYDYXN8psVrSSPhFtpCz0jloeAWsSJk5nM+ReH4sUwRyS3dV7ONfyDxtvo jIfn9cPnOmCwLLCZl2E9 =eKwE -----END PGP SIGNATURE----- . Description: An issue existed in how Keychain Access interacted with Keychain Agent. CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-1 iOS 9.2 iOS 9.2 is now available and addresses the following: AppleMobileFileIntegrity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An access control issue was addressed by preventing modification of access control structures. CVE-ID CVE-2015-7055 : Apple AppSandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075 dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple segment validation issues existed in dyld. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple CVE-2015-7079 : PanguTeam GPUTools Framework Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7069 : Luca Todesco (@qwertyoruiop) CVE-2015-7070 : Luca Todesco (@qwertyoruiop) iBooks Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero LaunchServices Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University MobileStorageMounter Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A timing issue existed in loading of the trust cache. This issue was resolved by validating the system environment before loading the trust cache. CVE-ID CVE-2015-7051 : PanguTeam OpenGL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Photos Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to use the backup system to access restricted areas of the file system Description: A path validation issue existed in Mobile Backup. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7037 : PanguTeam QuickLook Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling. CVE-ID CVE-2015-7093 : xisigr of Tencent's Xuanwu LAB (www.tencent.com) Sandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking. CVE-ID CVE-2015-7080 : Or Safran (www.linkedin.com/profile/view?id=33912591) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRMAAoJEBcWfLTuOo7tEKgQAJ9/T6vHx0rQLQBU32SytoMV qnU9gXfhENP6nWOb0r8Lz8h+xpH3TfqyFUdqLDZtkfZVYtgt4YZ7J1trLPgKXrl1 0tZqAl+iDqMnroawUK+TsWyNZcsrOnSxy1so83CDZkeG1vmt4OIFZ6NHNzTQDnXx +f13C5vHnsd2JryQ9pWGazpj4F1oi7J8B3I5F0AOzvq9kGOzwg35h1GYFYeU59J9 YHpLwDlCjD3rJojG0lIedC0HMqSHK++OxoAMQaLTzzI6qWfoZw9j1/kXlEQ8g/yK jOp9SceJJ2iBti7p7ID5fyF3zTK10zggfsq3jXwJKWdt84JobhnERiTHGBdzEEWq bip6UHKB36daTnAhA72GHn8hzc0c5JC9tQgWzwEpxEBEW/9iF99iY+q87rYxVt1J FyyCJpgSWJsEE9dA09P6+CY4xBGYFf+uOJIBnctJm+ofg8IM/VNaDffLLQ0OCYAs FgW258wuEn0ztV0sA4wX5rOiEa9rRHDFG6zn/zuyYmfR3fYa7xGVuBA5yp/EY0l1 zLWZrdgIBL21luETby773BFCwXMrg0+fchGLXS0TxSq6NVBtfqpRTFI/X24kjp79 X6gU4R4t3G5YoDXgKYLUcR3TT+I4x70dMu9oVK4tmaQmeA6n0pZwM3DVqywsPuYL /ohF4zrwzeJ8a/8oKLfe =Rjch -----END PGP SIGNATURE----- . CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: Safari 9.0.2 may be obtained from the Mac App Store
VAR-201512-0109 CVE-2015-7075 plural Apple Product CoreMedia Vulnerability in arbitrary code execution in the playback of CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.2, watchOS 2.1, OS X 10.11.2, and tvOS 9.1 are vulnerable. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. CoreMedia Playback is one of the multimedia playback controller components. A security vulnerability exists in the CoreMedia Playback component of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-4 watchOS 2.1 watchOS 2.1 is now available and addresses the following: AppSandbox Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Compression Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of malformed media files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7075 dyld Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A segment validation issue existed in dyld. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple FontParser Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative GasGauge Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6979 : PanguTeam ImageIO Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero LaunchServices Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) OpenGL Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Sandbox Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A trust evaluation configured to require revocation checking may succeed even if revocation checking fails Description: The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag. CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRUAAoJEBcWfLTuOo7tDFcP/0eMRtPiazqLeAvYEhbHBBYX K9T4vuY0ridD8lmoOPIEjcZnlx2VfZJIeUlgRoWBi1gm5Hi9UoR/17wCSJBUK7an EwcR2zlwEwZK3Vb64ogyAr3CkV0646nMyTiBRoZT+vz/zTRxxh/7yxcGE0kc6h2m 1w4uiljcU/1DzMNbjWz7+TSOKRJLilumf2kzvRGS5WPRs/WN1xJ6bGA5aiY9+M0R 7QbgnTsLVU58jmo1iIJDGLUyQ/7iF+kALZa+IozKRXJjbrq31qkheGSMCquUgDQT 3MkNbMl+UwZQdWuUswjp/ZYZ1EJ3e1AFNKVwv4f79DpBDViquq9g13agnCExhvvK ByrCwL41emEwQ0rVZdtmfneCrTsUfWGkM4BSAcSLJAmsJ/H9gP/J11x8MK4qkd+q Xl4YKJtRE1ovkRlxpKQbJL14yXIXVXMCdXhwkU6HlyxX3qOw8Gop0/2AXuBIup7Q 4idJ+JJyLjv6mYL3CtgWh+D6HVpRSS2DeKjHP33F8qMNaD0zjjlx1qQ2MZ42gwI4 4g5gGHWaq9q4fCLdbIvfHdeeU54Xb8Q/rJ2CMuE3y0q7BzYzToJFt8xE5+kw1d+x 3Cfc2clhT7YJdg2i4JtakbAAGMybx2IqfO2Zjc2GIGPuZGUSxQKUFgtmfJDR0/4e Zgl367oS5NsHOKYGx4cn =gPGz -----END PGP SIGNATURE-----
VAR-201512-0108 CVE-2015-7074 plural Apple Product CoreMedia Vulnerability in arbitrary code execution in the playback of CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. Apple Mac OS X, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Note: The issue described by CVE-2015-3807 has been removed. The issue is discussed in BID 76343 (Apple Mac OS X and iOS Multiple Security Vulnerabilities). Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. CoreMedia Playback is one of the multimedia playback controller components. A security vulnerability exists in the CoreMedia Playback component of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-1 iOS 9.2 iOS 9.2 is now available and addresses the following: AppleMobileFileIntegrity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An access control issue was addressed by preventing modification of access control structures. CVE-ID CVE-2015-7055 : Apple AppSandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075 dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple segment validation issues existed in dyld. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple CVE-2015-7079 : PanguTeam GPUTools Framework Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7069 : Luca Todesco (@qwertyoruiop) CVE-2015-7070 : Luca Todesco (@qwertyoruiop) iBooks Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero LaunchServices Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University MobileStorageMounter Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A timing issue existed in loading of the trust cache. This issue was resolved by validating the system environment before loading the trust cache. CVE-ID CVE-2015-7051 : PanguTeam OpenGL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Photos Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to use the backup system to access restricted areas of the file system Description: A path validation issue existed in Mobile Backup. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7037 : PanguTeam QuickLook Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling. CVE-ID CVE-2015-7093 : xisigr of Tencent's Xuanwu LAB (www.tencent.com) Sandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking. CVE-ID CVE-2015-7080 : Or Safran (www.linkedin.com/profile/view?id=33912591) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRMAAoJEBcWfLTuOo7tEKgQAJ9/T6vHx0rQLQBU32SytoMV qnU9gXfhENP6nWOb0r8Lz8h+xpH3TfqyFUdqLDZtkfZVYtgt4YZ7J1trLPgKXrl1 0tZqAl+iDqMnroawUK+TsWyNZcsrOnSxy1so83CDZkeG1vmt4OIFZ6NHNzTQDnXx +f13C5vHnsd2JryQ9pWGazpj4F1oi7J8B3I5F0AOzvq9kGOzwg35h1GYFYeU59J9 YHpLwDlCjD3rJojG0lIedC0HMqSHK++OxoAMQaLTzzI6qWfoZw9j1/kXlEQ8g/yK jOp9SceJJ2iBti7p7ID5fyF3zTK10zggfsq3jXwJKWdt84JobhnERiTHGBdzEEWq bip6UHKB36daTnAhA72GHn8hzc0c5JC9tQgWzwEpxEBEW/9iF99iY+q87rYxVt1J FyyCJpgSWJsEE9dA09P6+CY4xBGYFf+uOJIBnctJm+ofg8IM/VNaDffLLQ0OCYAs FgW258wuEn0ztV0sA4wX5rOiEa9rRHDFG6zn/zuyYmfR3fYa7xGVuBA5yp/EY0l1 zLWZrdgIBL21luETby773BFCwXMrg0+fchGLXS0TxSq6NVBtfqpRTFI/X24kjp79 X6gU4R4t3G5YoDXgKYLUcR3TT+I4x70dMu9oVK4tmaQmeA6n0pZwM3DVqywsPuYL /ohF4zrwzeJ8a/8oKLfe =Rjch -----END PGP SIGNATURE-----
VAR-201512-0160 CVE-2015-7061 plural Apple Product ASN.1 Vulnerability in arbitrary code execution in decoder CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060. Apple Mac OS X, watchOS, and tvOS are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code. Failed exploit attempts may result in a denial-of-service condition. in the United States. Apple OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. A security vulnerability exists in the ASN.1 decoder of several Apple products. The following products and versions are affected: Apple OS X 10.11.1 and earlier, tvOS 9.0 and earlier, watchOS 2.0 and earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses the following: apache_mod_php Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30. CVE-ID CVE-2015-7803 CVE-2015-7804 AppSandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Bluetooth Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7108 : Ian Beer of Google Project Zero CFNetwork HTTPProtocol Available for: OS X El Capitan v10.11 and v10.11.1 Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru Configuration Profiles Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privileges Description: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-7062 : David Mulder of Dell Software CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7110 : Ian Beer of Google Project Zero EFI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7063 : Apple File Bookmark Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7071 : Apple Hypervisor Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management. CVE-ID CVE-2015-7078 : Ian Beer of Google Project Zero iBooks Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A null pointer dereference issue was addressed through improved input validation. CVE-ID CVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7077 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero IOThunderboltFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts. CVE-ID CVE-2015-7067 : Juwei Lin of TrendMicro Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero kext tools Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification. CVE-ID CVE-2015-7052 : Apple Keychain Access Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to masquerade as the Keychain Server. Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality. CVE-ID CVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi- Min Hu of Tsinghua University, and Xinhui Han of Peking University libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libexpat Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in expat Description: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0. CVE-ID CVE-2012-0876 : Vincent Danen CVE-2012-1147 : Kurt Seifried CVE-2012-1148 : Kurt Seifried libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks OpenLDAP Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote unauthenticated client may be able to cause a denial of service Description: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation. These were addressed by updating LibreSSL to version 2.1.8. CVE-ID CVE-2015-5333 CVE-2015-5334 QuickLook Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Sandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 System Integrity Protection Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to execute arbitrary code with system privileges Description: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7044 : MacDefender Installation note: Security Update 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in. https://support.apple.com/en-us/HT205081 OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2: https://support.apple.com/en-us/HT205639 OS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j PE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn +XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ jtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz 0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g OjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s Ima2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36 Num/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB BhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY Z9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx rfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T gvIdn3N1k8hWpmYDjxZd =Yi/n -----END PGP SIGNATURE----- . CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software.". To check the current version of software, select "Settings -> General -> About". CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About"
VAR-201512-0159 CVE-2015-7060 plural Apple Product ASN.1 Vulnerability in arbitrary code execution in decoder CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061. Apple Mac OS X, watchOS, and tvOS are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code. Failed exploit attempts may result in a denial-of-service condition. in the United States. Apple OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. A security vulnerability exists in the ASN.1 decoder of several Apple products. The following products and versions are affected: Apple OS X 10.11.1 and earlier, tvOS 9.0 and earlier, watchOS 2.0 and earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses the following: apache_mod_php Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30. CVE-ID CVE-2015-7803 CVE-2015-7804 AppSandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Bluetooth Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7108 : Ian Beer of Google Project Zero CFNetwork HTTPProtocol Available for: OS X El Capitan v10.11 and v10.11.1 Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru Configuration Profiles Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privileges Description: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-7062 : David Mulder of Dell Software CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7110 : Ian Beer of Google Project Zero EFI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7063 : Apple File Bookmark Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7071 : Apple Hypervisor Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management. CVE-ID CVE-2015-7078 : Ian Beer of Google Project Zero iBooks Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A null pointer dereference issue was addressed through improved input validation. CVE-ID CVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7077 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero IOThunderboltFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts. CVE-ID CVE-2015-7067 : Juwei Lin of TrendMicro Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero kext tools Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification. CVE-ID CVE-2015-7052 : Apple Keychain Access Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to masquerade as the Keychain Server. Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality. CVE-ID CVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi- Min Hu of Tsinghua University, and Xinhui Han of Peking University libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libexpat Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in expat Description: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0. CVE-ID CVE-2012-0876 : Vincent Danen CVE-2012-1147 : Kurt Seifried CVE-2012-1148 : Kurt Seifried libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks OpenLDAP Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote unauthenticated client may be able to cause a denial of service Description: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation. These were addressed by updating LibreSSL to version 2.1.8. CVE-ID CVE-2015-5333 CVE-2015-5334 QuickLook Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Sandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 System Integrity Protection Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to execute arbitrary code with system privileges Description: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7044 : MacDefender Installation note: Security Update 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in. https://support.apple.com/en-us/HT205081 OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2: https://support.apple.com/en-us/HT205639 OS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j PE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn +XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ jtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz 0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g OjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s Ima2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36 Num/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB BhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY Z9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx rfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T gvIdn3N1k8hWpmYDjxZd =Yi/n -----END PGP SIGNATURE----- . CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software.". To check the current version of software, select "Settings -> General -> About". CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About"
VAR-201512-0158 CVE-2015-7059 plural Apple Product ASN.1 Vulnerability in arbitrary code execution in decoder CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061. Apple Mac OS X, watchOS, and tvOS are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code. Failed exploit attempts may result in a denial-of-service condition. in the United States. Apple OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. A security vulnerability exists in the ASN.1 decoder of several Apple products. The following products and versions are affected: Apple OS X 10.11.1 and earlier, tvOS 9.0 and earlier, watchOS 2.0 and earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses the following: apache_mod_php Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30. CVE-ID CVE-2015-7803 CVE-2015-7804 AppSandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Bluetooth Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7108 : Ian Beer of Google Project Zero CFNetwork HTTPProtocol Available for: OS X El Capitan v10.11 and v10.11.1 Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru Configuration Profiles Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privileges Description: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-7062 : David Mulder of Dell Software CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7110 : Ian Beer of Google Project Zero EFI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7063 : Apple File Bookmark Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7071 : Apple Hypervisor Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management. CVE-ID CVE-2015-7078 : Ian Beer of Google Project Zero iBooks Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A null pointer dereference issue was addressed through improved input validation. CVE-ID CVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7077 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero IOThunderboltFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts. CVE-ID CVE-2015-7067 : Juwei Lin of TrendMicro Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero kext tools Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification. CVE-ID CVE-2015-7052 : Apple Keychain Access Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to masquerade as the Keychain Server. Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality. CVE-ID CVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi- Min Hu of Tsinghua University, and Xinhui Han of Peking University libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libexpat Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in expat Description: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0. CVE-ID CVE-2012-0876 : Vincent Danen CVE-2012-1147 : Kurt Seifried CVE-2012-1148 : Kurt Seifried libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks OpenLDAP Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote unauthenticated client may be able to cause a denial of service Description: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation. These were addressed by updating LibreSSL to version 2.1.8. CVE-ID CVE-2015-5333 CVE-2015-5334 QuickLook Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Sandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 System Integrity Protection Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to execute arbitrary code with system privileges Description: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7044 : MacDefender Installation note: Security Update 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in. https://support.apple.com/en-us/HT205081 OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2: https://support.apple.com/en-us/HT205639 OS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j PE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn +XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ jtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz 0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g OjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s Ima2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36 Num/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB BhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY Z9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx rfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T gvIdn3N1k8hWpmYDjxZd =Yi/n -----END PGP SIGNATURE----- . CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software.". To check the current version of software, select "Settings -> General -> About". CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About"
VAR-201512-0069 CVE-2015-7037 Apple iOS Directory Traversal Vulnerability in Mobile Photo Backups CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions, execute arbitrary code, spoof the source URI of a site presented to an unsuspecting user. Failed exploit attempts may cause a denial-of-service condition. Versions prior to iOS 9.2 are vulnerable. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Photos is one of the photo management tools. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-1 iOS 9.2 iOS 9.2 is now available and addresses the following: AppleMobileFileIntegrity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An access control issue was addressed by preventing modification of access control structures. CVE-ID CVE-2015-7055 : Apple AppSandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075 dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple segment validation issues existed in dyld. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple CVE-2015-7079 : PanguTeam GPUTools Framework Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7069 : Luca Todesco (@qwertyoruiop) CVE-2015-7070 : Luca Todesco (@qwertyoruiop) iBooks Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero LaunchServices Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University MobileStorageMounter Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A timing issue existed in loading of the trust cache. This issue was resolved by validating the system environment before loading the trust cache. CVE-ID CVE-2015-7051 : PanguTeam OpenGL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Photos Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to use the backup system to access restricted areas of the file system Description: A path validation issue existed in Mobile Backup. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7037 : PanguTeam QuickLook Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling. CVE-ID CVE-2015-7093 : xisigr of Tencent's Xuanwu LAB (www.tencent.com) Sandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking. CVE-ID CVE-2015-7080 : Or Safran (www.linkedin.com/profile/view?id=33912591) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRMAAoJEBcWfLTuOo7tEKgQAJ9/T6vHx0rQLQBU32SytoMV qnU9gXfhENP6nWOb0r8Lz8h+xpH3TfqyFUdqLDZtkfZVYtgt4YZ7J1trLPgKXrl1 0tZqAl+iDqMnroawUK+TsWyNZcsrOnSxy1so83CDZkeG1vmt4OIFZ6NHNzTQDnXx +f13C5vHnsd2JryQ9pWGazpj4F1oi7J8B3I5F0AOzvq9kGOzwg35h1GYFYeU59J9 YHpLwDlCjD3rJojG0lIedC0HMqSHK++OxoAMQaLTzzI6qWfoZw9j1/kXlEQ8g/yK jOp9SceJJ2iBti7p7ID5fyF3zTK10zggfsq3jXwJKWdt84JobhnERiTHGBdzEEWq bip6UHKB36daTnAhA72GHn8hzc0c5JC9tQgWzwEpxEBEW/9iF99iY+q87rYxVt1J FyyCJpgSWJsEE9dA09P6+CY4xBGYFf+uOJIBnctJm+ofg8IM/VNaDffLLQ0OCYAs FgW258wuEn0ztV0sA4wX5rOiEa9rRHDFG6zn/zuyYmfR3fYa7xGVuBA5yp/EY0l1 zLWZrdgIBL21luETby773BFCwXMrg0+fchGLXS0TxSq6NVBtfqpRTFI/X24kjp79 X6gU4R4t3G5YoDXgKYLUcR3TT+I4x70dMu9oVK4tmaQmeA6n0pZwM3DVqywsPuYL /ohF4zrwzeJ8a/8oKLfe =Rjch -----END PGP SIGNATURE-----
VAR-201512-0157 CVE-2015-7058 plural Apple Vulnerability in products that can gain access to keychain items CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app. Apple Mac OS X, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Note: The issue described by CVE-2015-3807 has been removed. The issue is discussed in BID 76343 (Apple Mac OS X and iOS Multiple Security Vulnerabilities). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses the following: apache_mod_php Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30. CVE-ID CVE-2015-7803 CVE-2015-7804 AppSandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Bluetooth Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7108 : Ian Beer of Google Project Zero CFNetwork HTTPProtocol Available for: OS X El Capitan v10.11 and v10.11.1 Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru Configuration Profiles Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privileges Description: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-7062 : David Mulder of Dell Software CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075 Disk Images Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7110 : Ian Beer of Google Project Zero EFI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7063 : Apple File Bookmark Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7071 : Apple Hypervisor Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management. CVE-ID CVE-2015-7078 : Ian Beer of Google Project Zero iBooks Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A null pointer dereference issue was addressed through improved input validation. CVE-ID CVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7077 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7109 : Juwei Lin of TrendMicro IOHIDFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero IOThunderboltFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts. CVE-ID CVE-2015-7067 : Juwei Lin of TrendMicro Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero kext tools Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A validation issue existed during the loading of kernel extensions. Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality. CVE-ID CVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi- Min Hu of Tsinghua University, and Xinhui Han of Peking University libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libexpat Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in expat Description: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0. CVE-ID CVE-2012-0876 : Vincent Danen CVE-2012-1147 : Kurt Seifried CVE-2012-1148 : Kurt Seifried libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks OpenLDAP Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote unauthenticated client may be able to cause a denial of service Description: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation. CVE-ID CVE-2015-6908 OpenSSH Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in LibreSSL Description: Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8. CVE-ID CVE-2015-5333 CVE-2015-5334 QuickLook Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Sandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the ASN.1 decoder. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 System Integrity Protection Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to execute arbitrary code with system privileges Description: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7044 : MacDefender Installation note: Security Update 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in. https://support.apple.com/en-us/HT205081 OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2: https://support.apple.com/en-us/HT205639 OS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j PE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn +XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ jtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz 0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g OjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s Ima2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36 Num/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB BhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY Z9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx rfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T gvIdn3N1k8hWpmYDjxZd =Yi/n -----END PGP SIGNATURE----- . CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About
VAR-201512-0106 CVE-2015-7072 plural Apple Product dyld Vulnerable to arbitrary code execution in a privileged context CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app. Apple iOS, watchOS and tvOS are prone to an arbitrary code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Apple iOS 9.2 Apple tvOS 9.1 Apple watchOS 2.1. in the United States. Apple iOS is an operating system developed for mobile devices; watchOS is a smart watch operating system; tvOS is a smart TV operating system. A security vulnerability exists in dyld on several Apple products due to the program's improper handling of segment validation. The following products and versions are affected: Apple iOS 9.1 and earlier, tvOS 9.0 and earlier, watchOS 2.0 and earlier. Description: An issue existed in how Keychain Access interacted with Keychain Agent. CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-1 iOS 9.2 iOS 9.2 is now available and addresses the following: AppleMobileFileIntegrity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An access control issue was addressed by preventing modification of access control structures. CVE-ID CVE-2015-7055 : Apple AppSandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075 dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple segment validation issues existed in dyld. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple CVE-2015-7079 : PanguTeam GPUTools Framework Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7069 : Luca Todesco (@qwertyoruiop) CVE-2015-7070 : Luca Todesco (@qwertyoruiop) iBooks Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero LaunchServices Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University MobileStorageMounter Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A timing issue existed in loading of the trust cache. This issue was resolved by validating the system environment before loading the trust cache. CVE-ID CVE-2015-7051 : PanguTeam OpenGL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Photos Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to use the backup system to access restricted areas of the file system Description: A path validation issue existed in Mobile Backup. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7037 : PanguTeam QuickLook Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling. CVE-ID CVE-2015-7093 : xisigr of Tencent's Xuanwu LAB (www.tencent.com) Sandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking. CVE-ID CVE-2015-7080 : Or Safran (www.linkedin.com/profile/view?id=33912591) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRMAAoJEBcWfLTuOo7tEKgQAJ9/T6vHx0rQLQBU32SytoMV qnU9gXfhENP6nWOb0r8Lz8h+xpH3TfqyFUdqLDZtkfZVYtgt4YZ7J1trLPgKXrl1 0tZqAl+iDqMnroawUK+TsWyNZcsrOnSxy1so83CDZkeG1vmt4OIFZ6NHNzTQDnXx +f13C5vHnsd2JryQ9pWGazpj4F1oi7J8B3I5F0AOzvq9kGOzwg35h1GYFYeU59J9 YHpLwDlCjD3rJojG0lIedC0HMqSHK++OxoAMQaLTzzI6qWfoZw9j1/kXlEQ8g/yK jOp9SceJJ2iBti7p7ID5fyF3zTK10zggfsq3jXwJKWdt84JobhnERiTHGBdzEEWq bip6UHKB36daTnAhA72GHn8hzc0c5JC9tQgWzwEpxEBEW/9iF99iY+q87rYxVt1J FyyCJpgSWJsEE9dA09P6+CY4xBGYFf+uOJIBnctJm+ofg8IM/VNaDffLLQ0OCYAs FgW258wuEn0ztV0sA4wX5rOiEa9rRHDFG6zn/zuyYmfR3fYa7xGVuBA5yp/EY0l1 zLWZrdgIBL21luETby773BFCwXMrg0+fchGLXS0TxSq6NVBtfqpRTFI/X24kjp79 X6gU4R4t3G5YoDXgKYLUcR3TT+I4x70dMu9oVK4tmaQmeA6n0pZwM3DVqywsPuYL /ohF4zrwzeJ8a/8oKLfe =Rjch -----END PGP SIGNATURE----- . CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About"
VAR-201512-0107 CVE-2015-7073 plural Apple Vulnerabilities in products that allow arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.2, watchOS 2.1, OS X 10.11.2, and tvOS 9.1 are vulnerable. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. Security flaws exist in several Apple products. Description: An issue existed in how Keychain Access interacted with Keychain Agent. CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-1 iOS 9.2 iOS 9.2 is now available and addresses the following: AppleMobileFileIntegrity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An access control issue was addressed by preventing modification of access control structures. CVE-ID CVE-2015-7055 : Apple AppSandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075 dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple segment validation issues existed in dyld. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7072 : Apple CVE-2015-7079 : PanguTeam GPUTools Framework Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization. CVE-ID CVE-2015-7069 : Luca Todesco (@qwertyoruiop) CVE-2015-7070 : Luca Todesco (@qwertyoruiop) iBooks Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero LaunchServices Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7113 : Olivier Goguel of Free Tools Association libarchive Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University MobileStorageMounter Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A timing issue existed in loading of the trust cache. This issue was resolved by validating the system environment before loading the trust cache. CVE-ID CVE-2015-7051 : PanguTeam OpenGL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Photos Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to use the backup system to access restricted areas of the file system Description: A path validation issue existed in Mobile Backup. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7037 : PanguTeam QuickLook Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling. CVE-ID CVE-2015-7093 : xisigr of Tencent's Xuanwu LAB (www.tencent.com) Sandbox Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking. CVE-ID CVE-2015-7080 : Or Safran (www.linkedin.com/profile/view?id=33912591) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzRMAAoJEBcWfLTuOo7tEKgQAJ9/T6vHx0rQLQBU32SytoMV qnU9gXfhENP6nWOb0r8Lz8h+xpH3TfqyFUdqLDZtkfZVYtgt4YZ7J1trLPgKXrl1 0tZqAl+iDqMnroawUK+TsWyNZcsrOnSxy1so83CDZkeG1vmt4OIFZ6NHNzTQDnXx +f13C5vHnsd2JryQ9pWGazpj4F1oi7J8B3I5F0AOzvq9kGOzwg35h1GYFYeU59J9 YHpLwDlCjD3rJojG0lIedC0HMqSHK++OxoAMQaLTzzI6qWfoZw9j1/kXlEQ8g/yK jOp9SceJJ2iBti7p7ID5fyF3zTK10zggfsq3jXwJKWdt84JobhnERiTHGBdzEEWq bip6UHKB36daTnAhA72GHn8hzc0c5JC9tQgWzwEpxEBEW/9iF99iY+q87rYxVt1J FyyCJpgSWJsEE9dA09P6+CY4xBGYFf+uOJIBnctJm+ofg8IM/VNaDffLLQ0OCYAs FgW258wuEn0ztV0sA4wX5rOiEa9rRHDFG6zn/zuyYmfR3fYa7xGVuBA5yp/EY0l1 zLWZrdgIBL21luETby773BFCwXMrg0+fchGLXS0TxSq6NVBtfqpRTFI/X24kjp79 X6gU4R4t3G5YoDXgKYLUcR3TT+I4x70dMu9oVK4tmaQmeA6n0pZwM3DVqywsPuYL /ohF4zrwzeJ8a/8oKLfe =Rjch -----END PGP SIGNATURE----- . CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About"
VAR-201512-0152 CVE-2015-7053 plural Apple Product ImageIO Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.2, watchOS 2.1, OS X 10.11.2, and tvOS 9.1 are vulnerable. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. ImageIO is one of the static methods used to perform common image I/O operations. A security vulnerability exists in the ImageIO method of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses the following: apache_mod_php Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30. CVE-ID CVE-2015-7803 CVE-2015-7804 AppSandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Bluetooth Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7108 : Ian Beer of Google Project Zero CFNetwork HTTPProtocol Available for: OS X El Capitan v10.11 and v10.11.1 Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru Configuration Profiles Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privileges Description: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-7062 : David Mulder of Dell Software CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7110 : Ian Beer of Google Project Zero EFI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7063 : Apple File Bookmark Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7071 : Apple Hypervisor Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management. CVE-ID CVE-2015-7078 : Ian Beer of Google Project Zero iBooks Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A null pointer dereference issue was addressed through improved input validation. CVE-ID CVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. This issue was addressed through improved memory handling. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero IOThunderboltFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero kext tools Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification. CVE-ID CVE-2015-7052 : Apple Keychain Access Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to masquerade as the Keychain Server. Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality. CVE-ID CVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi- Min Hu of Tsinghua University, and Xinhui Han of Peking University libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libexpat Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in expat Description: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0. CVE-ID CVE-2012-0876 : Vincent Danen CVE-2012-1147 : Kurt Seifried CVE-2012-1148 : Kurt Seifried libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks OpenLDAP Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote unauthenticated client may be able to cause a denial of service Description: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation. CVE-ID CVE-2015-6908 OpenSSH Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in LibreSSL Description: Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Sandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 System Integrity Protection Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to execute arbitrary code with system privileges Description: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7044 : MacDefender Installation note: Security Update 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in. https://support.apple.com/en-us/HT205081 OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2: https://support.apple.com/en-us/HT205639 OS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j PE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn +XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ jtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz 0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g OjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s Ima2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36 Num/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB BhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY Z9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx rfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T gvIdn3N1k8hWpmYDjxZd =Yi/n -----END PGP SIGNATURE----- . CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. CVE-ID CVE-2015-6997 : Apple Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About"