VARIoT IoT vulnerabilities database

The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. http://cwe.mitre.org/data/definitions/17.htmlIt may be subject to unspecified effects and attacks. Apple Xcode is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. Versions prior to Apple Xcode 7.1 are vulnerable. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. Swift is a programming language used to develop Mac OS X and iOS applications. A security vulnerability exists in the Swift implementation of Apple's Xcode 7.0 and earlier versions. The vulnerability stems from the program's improper handling of type conversions. Attackers can exploit this vulnerability to cause Swift programs to return incorrect values. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-10-21-7 Xcode 7.1 Xcode 7.1 is now available and addresses the following: Swift Available for: OS X Yosemite v10.10.5 or later Impact: Swift programs performing certain type conversions may receive unexpected values Description: A type conversion issue existed that could lead to conversions returning unexpected values. This issue was addressed through improved type checking. CVE-ID CVE-2015-7030 : an anonymous researcher Installation note: Xcode 7.1 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "7.1". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWJ/d+AAoJEBcWfLTuOo7tSeEP/2kJ90yMD+I3obU7us1+ZflX pXyEp5XEdfKkPi6LwEarct85LjaG0eozqZVfo5qZ4gWX9u74GN+Y7kSsZ+5MJaFp FF12elp50CIXCHtDdtzm8nO4i6X256XNU9g5T9dkxFCJHRhmVmxDeoZXfPGRAEJa FMsS0b+v0zozye4VdbPYtxluWAdBjCDcnmNZbYZe2wg/T4fuVnFABshAAotPLz1t NFmuakPkv58vH8qSLR8/M/i5WvMAfxNf6Nz8qFapGOdSN8GFfU154taKediJwqJz 18IEpkJEeUEvl25c1McG3NMkvaXPxeeYqu6nZ+6Woucev4WNPets+xzu2DTs/OPZ 4LdRaCsbpCRuArR3M6tWnGYA3wky5PnIDQzHIQ9181F40goQw9bD4Z44cZk+4z6E oJkqEmnOiwY9ynQ7sTmzuVxle0EMXi2+QnTFg9GqVC5MHRwBOKsMMvPID63tn+Sz imFruz3iaMLErGKi0pz9uhm8bQGGqzbJFW0q9DYFSpzTrjteq1ixbC/spervfLM8 6ApwUr/fbp3TcGPWeUzy9CisODUuofZAayNcu34RI3d/HfAtgtstk/cA3iZe2s/2 yd5a0CewLXBmpPWrLTde84Xwn2Bcs24WhRi4a9o4crzPlXuzmCYtTKpDgGH0edxe h2YJzY5OvZ1ygvZ/0OND =oH8w -----END PGP SIGNATURE-----

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7010. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions, overwrite arbitrary files and cause denial-of-service conditions. in the United States. FontParser is a font parsing component

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different vulnerability than CVE-2015-7020. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, bypass security restrictions and perform unauthorized actions. This may aid in other attacks. Graphics Drivers is one of the graphics driver components

The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, bypass security restrictions and perform unauthorized actions. This may aid in other attacks. The vulnerability stems from the fact that the program does not properly handle pre-fetched configuration files when Managed Configuration is enabled

The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Apple iOS and Mac OS X are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions, overwrite arbitrary files and cause denial-of-service conditions. in the United States. The vulnerability stems from the omission of verification and locking steps when the program enables multi-threading mode. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following: Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the Accelerate Framework in multi-threading mode. This issue was addressed through improved accessor element validation and improved object locking. These were addressed by updating PHP to versions 5.5.29 and 5.4.45. CVE-ID CVE-2015-0235 CVE-2015-0273 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 ATS Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in ATS. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6985 : John Villamil (@day6reak), Yahoo Pentest Team Audio Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code Description: An uninitialized memory issue existed in coreaudiod. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-7003 : Mark Brand of Google Project Zero Audio Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Playing a malicious audio file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of audio files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5933 : Apple CVE-2015-5934 : Apple Bom Available for: OS X El Capitan 10.11 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A file traversal vulnerability existed in the handling of CPIO archives. This issue was addressed through improved validation of metadata. CVE-ID CVE-2015-7006 : Mark Dowd of Azimuth Security CFNetwork Available for: OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A parsing issue existed when handling cookies with different letter casing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Huawei Canada, Nicholas Weaver of International Computer Science Institute and University of California, Berkeley, coordinated via CERT/CC configd Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to elevate privileges Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients. CVE-ID CVE-2015-7015 : PanguTeam CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in CoreGraphics. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5925 : Apple CVE-2015-5926 : Apple CoreText Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team CoreText Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team CoreText Available for: OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team CoreText Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5944 : John Villamil (@day6reak), Yahoo Pentest Team Disk Images Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6995 : Ian Beer of Google Project Zero EFI Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: An attacker can exercise unused EFI functions Description: An issue existed with EFI argument handling. This was addressed by removing the affected functions. CVE-ID CVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT/CC File Bookmark Available for: OS X El Capitan 10.11 Impact: Browsing to a folder with malformed bookmarks may cause unexpected application termination Description: An input validation issue existed in parsing bookmark metadata. This issue was addressed through improved validation checks. CVE-ID CVE-2015-6987 : Luca Todesco (@qwertyoruiop) FontParser Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5927 : Apple CVE-2015-5942 CVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative CVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team FontParser Available for: OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team Grand Central Dispatch Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of dispatch calls. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6989 : Apple Graphics Drivers Available for: OS X El Capitan 10.11 Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: Multiple out of bounds read issues existed in the NVIDIA graphics driver. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7019 : Ian Beer of Google Project Zero CVE-2015-7020 : Moony Li of Trend Micro Graphics Drivers Available for: OS X El Capitan 10.11 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7021 : Moony Li of Trend Micro ImageIO Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted image file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation. CVE-ID CVE-2015-5935 : Apple CVE-2015-5938 : Apple ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted image file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation. CVE-ID CVE-2015-5936 : Apple CVE-2015-5937 : Apple CVE-2015-5939 : Apple IOAcceleratorFamily Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6996 : Ian Beer of Google Project Zero IOHIDFamily Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6974 : Luca Todesco (@qwertyoruiop) Kernel Available for: OS X Yosemite v10.10.5 Impact: A local user may be able to execute arbitrary code with system privileges Description: A type confusion issue existed in the validation of Mach tasks. This issue was addressed through improved Mach task validation. CVE-ID CVE-2015-5932 : Luca Todesco (@qwertyoruiop), Filippo Bigarella Kernel Available for: OS X El Capitan 10.11 Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: An uninitialized memory issue existed in the kernel. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-6988 : The Brainy Code Scanner (m00nbsd) Kernel Available for: OS X El Capitan 10.11 Impact: A local application may be able to cause a denial of service Description: An issue existed when reusing virtual memory. This issue was addressed through improved validation. CVE-ID CVE-2015-6994 : Mark Mentovai of Google Inc. libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: A malicious application may be able to overwrite arbitrary files Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization. CVE-ID CVE-2015-6984 : Christopher Crone of Infinit, Jonathan Schleifer MCX Application Restrictions Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: A developer-signed executable may acquire restricted entitlements Description: An entitlement validation issue existed in Managed Configuration. A developer-signed app could bypass restrictions on use of restricted entitlements and elevate privileges. This issue was addressed through improved provisioning profile validation. CVE-ID CVE-2015-7016 : Apple Net-SNMP Available for: OS X El Capitan 10.11 Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple issues existed in netsnmp version 5.6. These issues were addressed by using patches affecting OS X from upstream. CVE-ID CVE-2012-6151 CVE-2014-3565 OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in OpenGL. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5924 : Apple OpenSSH Available for: OS X El Capitan 10.11 Impact: A local user may be able to conduct impersonation attacks Description: A privilege separation issue existed in PAM support. This issue was addressed with improved authorization checks. CVE-ID CVE-2015-6563 : Moritz Jodeit of Blue Frost Security GmbH Sandbox Available for: OS X El Capitan 10.11 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An input validation issue existed when handling NVRAM parameters. This issue was addressed through improved validation. CVE-ID CVE-2015-5945 : Rich Trouton (@rtrouton), Howard Hughes Medical Institute, Apple Script Editor Available for: OS X El Capitan 10.11 Impact: An attacker may trick a user into running arbitrary AppleScript Description: In some circumstances, Script Editor did not ask for user confirmation before executing AppleScripts. This issue was addressed by prompting for user confirmation before executing AppleScripts. CVE-ID CVE-2015-7007 : Joe Vennix of Rapid7 Security Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to overwrite arbitrary files Description: A double free issue existed in the handling of AtomicBufferedFile descriptors. This issue was addressed through improved validation of AtomicBufferedFile descriptors. CVE-ID CVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey Ulanov from the Chrome Team SecurityAgent Available for: OS X El Capitan 10.11 Impact: A malicious application can programmatically control keychain access prompts Description: A method existed for applications to create synthetic clicks on keychain prompts. This was addressed by disabling synthetic clicks for keychain access windows. CVE-ID CVE-2015-5943 Installation note: OS X El Capitan v10.11.1 includes the security content of Safari 9.0.1: https://support.apple.com/kb/HT205377 OS X El Capitan 10.11.1 and Security Update 2015-007 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuKsAAoJEBcWfLTuOo7t8e0P/igVHKDXeLNib2eEzbS2BMVV Ee968BgEDw1xnHK8zzh3bbRNxxAUT9lwe8RuSYECfp8sUYySb51/VIWpmidewsqB az7mJ4Gohldppejc5tykHDoTYesQL7iySLn74PdxZfZXbtz2EGJK19cA6hIHcO5x ZiMCbJzTaAOylKRQRRi3kMdNWEzxbtm90247vNx/zMSjs1bhGlQbJsCVDmX/Q9uH Xja9aPCHDfaQueTw5idbXwT+Y/+I9ytBlL5JXVrjRUDYCtuewC4DNsQxZY0qcDyE A7/0G7iYW5vOECNhpoLA0+1MbdHxJXhwJtmIKX8zucYqe/Vr4j41oGey/HJW55ER USJ2RBpMtGhDEolyvxz7FlSPYOIpp05mwMB0GWQWAmkWDAxnagkQm9xwKBMt4eq4 CNdI0YaX0iPPWYIkI3HpZHdzuwbE5b053cw1hLKc0OVQBiqLUQxe3W5s64ZqTSe0 whlm9lt/9EUwyfXHEiXTYi/d+CF8+JthY4ieXRJ4mwz77udafmgA5Pbl71SqB8pE 7TBByuCOFdou6JmdJPahLDxoGRA+i7Z+a8Myn4WtbemkjrO9iZ/VsdAdl/Db+7cz rEgSPjelEC5z5WxQspiuohxU1NkDnMgWm2Tnx+pFBOfZMheE4xnTfve3vqY+gQdN 4GbuRXld4PbxeDdel0Nk =snJ4 -----END PGP SIGNATURE----- . Notification Center Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Phone and Messages notifications may appear on the lock screen even when disabled Description: When "Show on Lock Screen" was turned off for Phone or Messages, configuration changes were not immediately applied. CVE-ID CVE-2015-6999 : Apple Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A trust evaluation configured to require revocation checking may succeed even if revocation checking fails Description: The kSecRevocationRequirePositiveResponse flag was specified but not implemented. CVE-ID CVE-2015-6997 : Apple Telephony Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to leak sensitive user information Description: An issue existed in the authorization checks for querying phone call status. CVE-ID CVE-2015-5928 : Apple CVE-2015-5929 : Apple CVE-2015-5930 : Apple CVE-2015-6981 CVE-2015-6982 CVE-2015-7002 : Apple CVE-2015-7005 : Apple CVE-2015-7012 : Apple CVE-2015-7014 Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.1"

CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992. Successful exploits may allow attackers to execute arbitrary code in the context of the affected system; Failed exploit attempts will cause denial-of-service conditions. in the United States. iTunes is a suite of multimedia music player applications. CoreText is one of the text engines that can control text formatting and text layout. A security vulnerability exists in the CoreText engine of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-5 iTunes 12.3.1 iTunes 12.3.1 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5928 : Apple CVE-2015-5929 : Apple CVE-2015-5930 : Apple CVE-2015-5931 CVE-2015-7002 : Apple CVE-2015-7011 : Apple CVE-2015-7012 : Apple CVE-2015-7013 : Apple CVE-2015-7014 iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team Installation note: iTunes 12.3.1 may be obtained from: http://www.apple.com/itunes/download/ You may also update to the latest version of iTunes via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuK0AAoJEBcWfLTuOo7tFqsP/i4hhZ9050OUg8jdzLx7ql9b pw0VB3uCssp4c7m6U/Dr90sgAAG1BRqNZF5jE0ItWfaeVxUtny9iHvj9MF5mhU4O 1hd/+f9iVeA2chOi63jVBYl/RTON/HLG0EukNAt57H7UNcnpGOJMwPxciDgHb5mi GEQEo3Q9bM2B9ReMcxCenVWBJ+e02l4iAqFBeV09BgAYvbaTvAQamjSeXkKyodI3 AkHmUuq6qWx9ka3EcMkEtm/agI2fKewlfI3WgpotkBx2lrZGUeFiuD21Nmq0diL8 O6tWt3FG4FsdrbPN7rm1NtPQq+fAnHn3EWCrpz32LB6Dh6NTqTLLesVDD5BCCK4p TanM1TlaRPVuBxg6oCLreNN8IHAx25vhCLEsAw9GMl5JRhmBL9IjTczt91zFAAjX fdW1bhq2O283MrRqZxvJW3eBti4IMr+cZtP9+OdlK+8zGx91LdvWNcuMS5Eg2W5T Auwf4ZfHmVCX5DDe2wgeUqe14eTpDomCI4S4utyh6jVtA0+b7V7FEBVlqc760ThO Gj7W4it3Ljosw6/VQodEPDiesbvhw+Cn7FcTHKxV7fgz+tLFSlEcox5BU0m/ardJ xWJ6c7qrT8TKkE4wYGHWljhWx7o6SkU/60BYZo5FNAYllYC1bp2rQTa7G79fjMvM eXiT4RZimmMNlbqwFKHQ =4LVn -----END PGP SIGNATURE-----

Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client. Apple Mac OS X, watchOS and iOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code with kernel privileges. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.1, watchOS 2.0.1 and OS X 10.11.1 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; watchOS is a smart watch operating system. configd is one of the system configuration daemon components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-2 watchOS 2.0.1 watchOS 2.0.1 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: The transaction log functionality was enabled in certain configurations. This issue was addressed by removing the transaction log functionality. This update additionally addresses the issue for Apple Watches manufactured with watchOS 2. CVE-ID CVE-2015-5916 Bom Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A file traversal vulnerability existed in the handling of CPIO archives. This issue was addressed through improved validation of metadata. CVE-ID CVE-2015-7006 : Mark Dowd at Azimuth Security configd Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to elevate privileges Description: A heap based buffer overflow issue existed in the DNS client library. A local user with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients. CVE-ID CVE-2015-7015 : PanguTeam CoreGraphics Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in CoreGraphics. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5925 : Apple CVE-2015-5926 : Apple FontParser Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Viewing a document with a maliciously crafted font may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5927 : Apple CVE-2015-5942 Grand Central Dispatch Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of dispatch calls. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6989 : Apple ImageIO Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Viewing a maliciously crafted image file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues was addressed through improved metadata validation. CVE-ID CVE-2015-5935 : Apple CVE-2015-5936 : Apple CVE-2015-5937 : Apple CVE-2015-5939 : Apple IOAcceleratorFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6996 : Ian Beer of Google Project Zero IOHIDFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6974 : Luca Todesco (@qwertyoruiop) Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuKhAAoJEBcWfLTuOo7tkBcP+QGVb0FmXmyDjPNF1b3Mx4Cv 2gPz3W6x1BQlss3/2+WX8YAMXgtGux0HQfYF/uQIjverf+HHlGDN2bd+P61odDEp hEU2h6N6bPbDp85MehTgZWt8/c6HR5XB2KFKNAXhE6YmrZ8neXBYLF+sF9T9NMx0 ar2/yWFlCVFTgDHzt4KGFJFjNDr8urHNp0nc4KjOE7YE83oK9vkAxmqOhpPNNzdj DIob8y1wO4NBoClzXr8DIlqoajFEWLXU++G6MVclhCoWun+vQpUo3XcOG7mJgoff nrb9ITbsEXtpKLeHYPdK7y7EMWOasVb2GPkK3TWEc37wf2eEk2cUSHRN6bjeIsJO WWVqGC8+Ya7eQgsztUlfUMK8OFNX9wz9CABB/wBNbYe1fzea+oZV7ijCR6IzOi6I 5xFEDCxSOnDMSn3uF/ENRk5LG7DC0PsL/Er/H2tSit9oacEGmoozyUdGlexG4o+a pySDBLiplfVjdfoPv8ABQSN6mtvD1MaLVVAoG14FEObEEY/tdl22Ou8NZQ6OgeLl I2uyMSPQDGMKXNxjIfgWTWK31TQakq3c78swlXy9fZrCWl/ti8y6CFUVqP8XOjN9 LgkJcChm77UXsiFCKqREMw/kgSDvctF94iMknUBc1+YDj+uDs+t9vvUzZ3syFC0V 4bPj6XOJcceSHv1+PlcF =gtL/ -----END PGP SIGNATURE-----

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Apple iOS , Safari and iTunes Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious web page. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. iTunes is a suite of media player applications. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit used in several Apple products. The following products and versions are affected: Apple iOS versions prior to 9.1, Safari versions prior to 9.0.1, and iTunes versions prior to 12.3.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-5 iTunes 12.3.1 iTunes 12.3.1 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5928 : Apple CVE-2015-5929 : Apple CVE-2015-5930 : Apple CVE-2015-5931 CVE-2015-7002 : Apple CVE-2015-7011 : Apple CVE-2015-7012 : Apple CVE-2015-7013 : Apple CVE-2015-7014 iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team Installation note: iTunes 12.3.1 may be obtained from: http://www.apple.com/itunes/download/ You may also update to the latest version of iTunes via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuK0AAoJEBcWfLTuOo7tFqsP/i4hhZ9050OUg8jdzLx7ql9b pw0VB3uCssp4c7m6U/Dr90sgAAG1BRqNZF5jE0ItWfaeVxUtny9iHvj9MF5mhU4O 1hd/+f9iVeA2chOi63jVBYl/RTON/HLG0EukNAt57H7UNcnpGOJMwPxciDgHb5mi GEQEo3Q9bM2B9ReMcxCenVWBJ+e02l4iAqFBeV09BgAYvbaTvAQamjSeXkKyodI3 AkHmUuq6qWx9ka3EcMkEtm/agI2fKewlfI3WgpotkBx2lrZGUeFiuD21Nmq0diL8 O6tWt3FG4FsdrbPN7rm1NtPQq+fAnHn3EWCrpz32LB6Dh6NTqTLLesVDD5BCCK4p TanM1TlaRPVuBxg6oCLreNN8IHAx25vhCLEsAw9GMl5JRhmBL9IjTczt91zFAAjX fdW1bhq2O283MrRqZxvJW3eBti4IMr+cZtP9+OdlK+8zGx91LdvWNcuMS5Eg2W5T Auwf4ZfHmVCX5DDe2wgeUqe14eTpDomCI4S4utyh6jVtA0+b7V7FEBVlqc760ThO Gj7W4it3Ljosw6/VQodEPDiesbvhw+Cn7FcTHKxV7fgz+tLFSlEcox5BU0m/ardJ xWJ6c7qrT8TKkE4wYGHWljhWx7o6SkU/60BYZo5FNAYllYC1bp2rQTa7G79fjMvM eXiT4RZimmMNlbqwFKHQ =4LVn -----END PGP SIGNATURE-----

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7018. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions, overwrite arbitrary files and cause denial-of-service conditions. in the United States. FontParser is a font parsing component

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. Apple Safari and iTunes Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious web page. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. The former is a web browser, a Mac comes with the default browser on Mac OS X and iOS operating systems. The latter is a suite of media player applications. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit used in Apple Safari versions prior to 9.0.1 and iTunes versions prior to 12.3.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-5 iTunes 12.3.1 iTunes 12.3.1 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5928 : Apple CVE-2015-5929 : Apple CVE-2015-5930 : Apple CVE-2015-5931 CVE-2015-7002 : Apple CVE-2015-7011 : Apple CVE-2015-7012 : Apple CVE-2015-7013 : Apple CVE-2015-7014 iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team Installation note: iTunes 12.3.1 may be obtained from: http://www.apple.com/itunes/download/ You may also update to the latest version of iTunes via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuK0AAoJEBcWfLTuOo7tFqsP/i4hhZ9050OUg8jdzLx7ql9b pw0VB3uCssp4c7m6U/Dr90sgAAG1BRqNZF5jE0ItWfaeVxUtny9iHvj9MF5mhU4O 1hd/+f9iVeA2chOi63jVBYl/RTON/HLG0EukNAt57H7UNcnpGOJMwPxciDgHb5mi GEQEo3Q9bM2B9ReMcxCenVWBJ+e02l4iAqFBeV09BgAYvbaTvAQamjSeXkKyodI3 AkHmUuq6qWx9ka3EcMkEtm/agI2fKewlfI3WgpotkBx2lrZGUeFiuD21Nmq0diL8 O6tWt3FG4FsdrbPN7rm1NtPQq+fAnHn3EWCrpz32LB6Dh6NTqTLLesVDD5BCCK4p TanM1TlaRPVuBxg6oCLreNN8IHAx25vhCLEsAw9GMl5JRhmBL9IjTczt91zFAAjX fdW1bhq2O283MrRqZxvJW3eBti4IMr+cZtP9+OdlK+8zGx91LdvWNcuMS5Eg2W5T Auwf4ZfHmVCX5DDe2wgeUqe14eTpDomCI4S4utyh6jVtA0+b7V7FEBVlqc760ThO Gj7W4it3Ljosw6/VQodEPDiesbvhw+Cn7FcTHKxV7fgz+tLFSlEcox5BU0m/ardJ xWJ6c7qrT8TKkE4wYGHWljhWx7o6SkU/60BYZo5FNAYllYC1bp2rQTa7G79fjMvM eXiT4RZimmMNlbqwFKHQ =4LVn -----END PGP SIGNATURE-----

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7010, and CVE-2015-7018. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions, overwrite arbitrary files and cause denial-of-service conditions. in the United States. FontParser is a font parsing component

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Apple iOS , Safari and iTunes Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious web page. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. Apple iOS is an operating system developed for mobile devices; Apple Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; Apple TV is a high-definition television set-top box product. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit used in several Apple products. The following products and versions are affected: Apple iOS versions prior to 9.1, Safari versions prior to 9.0.1, and iTunes versions prior to 12.3.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-5 iTunes 12.3.1 iTunes 12.3.1 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5928 : Apple CVE-2015-5929 : Apple CVE-2015-5930 : Apple CVE-2015-5931 CVE-2015-7002 : Apple CVE-2015-7011 : Apple CVE-2015-7012 : Apple CVE-2015-7013 : Apple CVE-2015-7014 iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team Installation note: iTunes 12.3.1 may be obtained from: http://www.apple.com/itunes/download/ You may also update to the latest version of iTunes via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuK0AAoJEBcWfLTuOo7tFqsP/i4hhZ9050OUg8jdzLx7ql9b pw0VB3uCssp4c7m6U/Dr90sgAAG1BRqNZF5jE0ItWfaeVxUtny9iHvj9MF5mhU4O 1hd/+f9iVeA2chOi63jVBYl/RTON/HLG0EukNAt57H7UNcnpGOJMwPxciDgHb5mi GEQEo3Q9bM2B9ReMcxCenVWBJ+e02l4iAqFBeV09BgAYvbaTvAQamjSeXkKyodI3 AkHmUuq6qWx9ka3EcMkEtm/agI2fKewlfI3WgpotkBx2lrZGUeFiuD21Nmq0diL8 O6tWt3FG4FsdrbPN7rm1NtPQq+fAnHn3EWCrpz32LB6Dh6NTqTLLesVDD5BCCK4p TanM1TlaRPVuBxg6oCLreNN8IHAx25vhCLEsAw9GMl5JRhmBL9IjTczt91zFAAjX fdW1bhq2O283MrRqZxvJW3eBti4IMr+cZtP9+OdlK+8zGx91LdvWNcuMS5Eg2W5T Auwf4ZfHmVCX5DDe2wgeUqe14eTpDomCI4S4utyh6jVtA0+b7V7FEBVlqc760ThO Gj7W4it3Ljosw6/VQodEPDiesbvhw+Cn7FcTHKxV7fgz+tLFSlEcox5BU0m/ardJ xWJ6c7qrT8TKkE4wYGHWljhWx7o6SkU/60BYZo5FNAYllYC1bp2rQTa7G79fjMvM eXiT4RZimmMNlbqwFKHQ =4LVn -----END PGP SIGNATURE-----

Script Editor in Apple OS X before 10.11.1 allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution via unspecified vectors. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, bypass security restrictions and perform unauthorized actions. This may aid in other attacks. Script Editor is one of the script debugging tools. A remote attacker could exploit this vulnerability to trick users into running AppleScript scripts

WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1. Apple iOS Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious webpage. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit used in Apple iOS 9.0.2 and earlier

The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions, obtain sensitive information, execute arbitrary code and cause a denial-of-service condition; this may aid in launching further attacks. Versions prior to iOS 9.1 are vulnerable. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Kernel is one of the kernel components

coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, bypass security restrictions and perform unauthorized actions. This may aid in other attacks. Audio is one of the audio components. The vulnerability stems from the fact that the program does not initialize the data structure

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. Apple Safari and iTunes Used in etc. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious web page. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. The former is a web browser, a Mac comes with the default browser on Mac OS X and iOS operating systems. The latter is a suite of media player applications. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit used in Apple Safari versions prior to 9.0.1 and iTunes versions prior to 12.3.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-5 iTunes 12.3.1 iTunes 12.3.1 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5928 : Apple CVE-2015-5929 : Apple CVE-2015-5930 : Apple CVE-2015-5931 CVE-2015-7002 : Apple CVE-2015-7011 : Apple CVE-2015-7012 : Apple CVE-2015-7013 : Apple CVE-2015-7014 iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team Installation note: iTunes 12.3.1 may be obtained from: http://www.apple.com/itunes/download/ You may also update to the latest version of iTunes via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuK0AAoJEBcWfLTuOo7tFqsP/i4hhZ9050OUg8jdzLx7ql9b pw0VB3uCssp4c7m6U/Dr90sgAAG1BRqNZF5jE0ItWfaeVxUtny9iHvj9MF5mhU4O 1hd/+f9iVeA2chOi63jVBYl/RTON/HLG0EukNAt57H7UNcnpGOJMwPxciDgHb5mi GEQEo3Q9bM2B9ReMcxCenVWBJ+e02l4iAqFBeV09BgAYvbaTvAQamjSeXkKyodI3 AkHmUuq6qWx9ka3EcMkEtm/agI2fKewlfI3WgpotkBx2lrZGUeFiuD21Nmq0diL8 O6tWt3FG4FsdrbPN7rm1NtPQq+fAnHn3EWCrpz32LB6Dh6NTqTLLesVDD5BCCK4p TanM1TlaRPVuBxg6oCLreNN8IHAx25vhCLEsAw9GMl5JRhmBL9IjTczt91zFAAjX fdW1bhq2O283MrRqZxvJW3eBti4IMr+cZtP9+OdlK+8zGx91LdvWNcuMS5Eg2W5T Auwf4ZfHmVCX5DDe2wgeUqe14eTpDomCI4S4utyh6jVtA0+b7V7FEBVlqc760ThO Gj7W4it3Ljosw6/VQodEPDiesbvhw+Cn7FcTHKxV7fgz+tLFSlEcox5BU0m/ardJ xWJ6c7qrT8TKkE4wYGHWljhWx7o6SkU/60BYZo5FNAYllYC1bp2rQTa7G79fjMvM eXiT4RZimmMNlbqwFKHQ =4LVn -----END PGP SIGNATURE-----

Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen soon after a setting was disabled. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions, obtain sensitive information, execute arbitrary code and cause a denial-of-service condition; this may aid in launching further attacks. Versions prior to iOS 9.1 are vulnerable. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Notification Center is one of the components that displays system notifications

The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions, obtain sensitive information, execute arbitrary code and cause a denial-of-service condition; this may aid in launching further attacks. Versions prior to iOS 9.1 are vulnerable. Apple iOS is an operating system developed by Apple (Apple) for mobile devices

The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app. Apple iOS and Mac OS X are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions, overwrite arbitrary files and cause denial-of-service conditions. in the United States. The former is a set of operating systems developed for mobile devices, and the latter is a set of dedicated operating systems developed for Mac computers. Kernel is one of the kernel components. The vulnerability stems from the program not properly handling the reuse of virtual memory. An attacker could exploit this vulnerability with a specially crafted application to cause a denial of service