VARIoT IoT vulnerabilities database


VAR-201507-0366 CVE-2015-4196 Root access vulnerability in Cisco Unified Communications Domain Manager Platform Software CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardcoded password for a privileged account, which allows remote attackers to obtain root access by leveraging knowledge of this password and entering it in an SSH session, aka Bug ID CSCuq45546. An attacker can leverage this issue to gain unauthorized access to an affected system with the privileges of the root user. A successful exploit could result in a complete system compromise. This issue is being tracked by Cisco Bug ID CSCuq45546. This component features scalable, distributed, and highly available enterprise Voice over IP call processing. There is a security vulnerability in Cisco UCDM 8.x versions of Platform Software prior to version 4.4.5
VAR-201507-0519 CVE-2015-4231 Access restriction bypass vulnerability in the Python interpreter of Cisco NX-OS running on Cisco Nexus 7000 devices CVSS V2: 3.6
CVSS V3: -
Severity: LOW
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416. The vendor has confirmed this vulnerability and released it as Bug ID CSCur08416. A local user may be able to delete a VDC's files by using administrator privileges in one VDC. The Cisco Nexus 7000 Series Switches help create the network foundation platform required for next-generation unified array data centers. After the Cisco Nexus 7000 device is configured with multiple VDCs, there are multiple privilege escalation vulnerabilities in the Python scripting subsystem. Cisco NX-OS Software for Nexus 7000 Series is prone to a local privilege-escalation vulnerability. This could result in a denial of service (DoS) condition on the affected device. This issue is being tracked by Cisco Bug ID CSCur08416.
VAR-201507-0525 CVE-2015-4237 Arbitrary OS command execution vulnerability in the CLI parser of Cisco NX-OS running on Cisco Nexus devices CVSS V2: 4.6
CVSS V3: -
Severity: MEDIUM
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436. The vendor has confirmed this vulnerability and released it as Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436. A local user may be able to execute OS commands via crafted characters in a filename. Nexus is Cisco's line of network switches designed for data centers. The Cisco Nexus Operating System (NX-OS) CLI parser has a security vulnerability that allows an authenticated local attacker to gain elevated privileges. This issue is being tracked by Cisco Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436. The following releases are affected: Cisco NX-OS Release 4.1(2)E1(1), Release 6.2(11b), Release 6.2(12), Release 7.2(0)ZZ(99.1), Release 7.2(0)ZZ(99.3), and Release 9.1(1)SV1(3.1.8).
VAR-201507-0526 CVE-2015-4238 Denial-of-service (DoS) vulnerability in the SNMP implementation of Cisco Adaptive Security Appliance Software CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCul02601.
VAR-201507-0371 CVE-2015-4228 Denial-of-service (DoS) vulnerability in Cisco Digital Content Manager CVSS V2: 5.4
CVSS V3: -
Severity: MEDIUM
Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad servers to cause a denial of service (reboot) via malformed ad messages, aka Bug ID CSCur13999. Attackers can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCur13999. A security vulnerability exists in Cisco DCM version 15.0.0
VAR-201507-0429 CVE-2015-3665 Arbitrary code execution vulnerability in QT Media Foundation of Apple QuickTime CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3669. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the properties for the QuickTime browser plugin. By manipulating a QuickTime object's properties an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions. Versions prior to QuickTime 7.7.7 running on Windows 7 and Windows Vista are vulnerable. Apple QuickTime is multimedia playback software developed by Apple. The software is capable of handling multiple sources such as digital video, media segments, and more. These issues were addressed through improved memory handling. CVE-ID: CVE-2015-3661: G. Geshev working with HP's Zero Day Initiative; CVE-2015-3662: kdot working with HP's Zero Day Initiative; CVE-2015-3663: kdot working with HP's Zero Day Initiative; CVE-2015-3664: Andrea Micalizzi (rgod) working with HP's Zero Day Initiative; CVE-2015-3665: WanderingGlitch of HP's Zero Day Initiative; CVE-2015-3666: Steven Seeley of Source Incite working with HP's Zero Day Initiative; CVE-2015-3667: Ryan Pentney, Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs; CVE-2015-3668: Kai Lu of Fortinet's FortiGuard Labs; CVE-2015-3669: kdot working with HP's Zero Day Initiative. QuickTime 7.7.7 may be obtained from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ You may also update to the latest version of QuickTime via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
VAR-201507-0428 CVE-2015-3664 Arbitrary code execution vulnerability in QT Media Foundation of Apple QuickTime CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3665 and CVE-2015-3669. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the alis atom. By providing a malformed alis atom, an attacker is able to cause QuickTime to overflow a stack buffer and execute arbitrary code in the context of the QuickTime process. Apple QuickTime is prone to a stack-based buffer-overflow vulnerability. Failed attempts will likely cause a denial-of-service condition. The title has been changed to better reflect the underlying component affected. Versions prior to QuickTime 7.7.7 running on Windows 7 and Windows Vista are vulnerable. Apple QuickTime is multimedia playback software developed by Apple. The software is capable of handling multiple sources such as digital video, media segments, and more. These issues were addressed through improved memory handling. CVE-ID: CVE-2015-3661: G. Geshev working with HP's Zero Day Initiative; CVE-2015-3662: kdot working with HP's Zero Day Initiative; CVE-2015-3663: kdot working with HP's Zero Day Initiative; CVE-2015-3664: Andrea Micalizzi (rgod) working with HP's Zero Day Initiative; CVE-2015-3665: WanderingGlitch of HP's Zero Day Initiative; CVE-2015-3666: Steven Seeley of Source Incite working with HP's Zero Day Initiative; CVE-2015-3667: Ryan Pentney, Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs; CVE-2015-3668: Kai Lu of Fortinet's FortiGuard Labs; CVE-2015-3669: kdot working with HP's Zero Day Initiative. QuickTime 7.7.7 may be obtained from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ You may also update to the latest version of QuickTime via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
VAR-201507-0520 CVE-2015-4232 Arbitrary OS command execution vulnerability in Cisco NX-OS running on Cisco Nexus and MDS 9000 devices CVSS V2: 4.6
CVSS V3: -
Severity: MEDIUM
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856. An arbitrary OS command execution vulnerability exists in Cisco NX-OS running on Cisco Nexus and MDS 9000 devices. Nexus is Cisco's line of network switches designed for data centers. In the command line interpreter of the Cisco Nexus device, the input filtering of tar command parameters is ineffective. There are multiple privilege escalation vulnerabilities. An authenticated local attacker can use this vulnerability to gain elevated privileges and execute arbitrary commands on the underlying operating system. Cisco NX-OS software is a data center-level operating system that reflects modular design, resiliency, and maintainability. Cisco NX-OS Software for Nexus Series is prone to a local privilege-escalation vulnerability. This issue is being tracked by Cisco Bug ID CSCus44856.
VAR-201507-0522 CVE-2015-4234 Root access vulnerability in Cisco NX-OS running on Cisco Nexus devices CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127. Cisco NX-OS running on Cisco Nexus devices contains a vulnerability that allows root access to be obtained. Nexus is Cisco's line of network switches designed for data centers. Cisco NX-OS software is a data center-level operating system that reflects modular design, resiliency, and maintainability. Multiple Cisco products are prone to multiple local privilege escalation vulnerabilities. This issue is being tracked by Cisco Bug IDs CSCun02887, CSCur00115, and CSCur00127.
VAR-201507-0521 CVE-2015-4233 SQL injection vulnerability in Cisco Unified MeetingPlace CVSS V2: 6.5
CVSS V3: -
Severity: MEDIUM
SQL injection vulnerability in Cisco Unified MeetingPlace 8.6(1.2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu54037. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. This issue is being tracked by Cisco Bug ID CSCuu54037. This solution provides a user environment that integrates voice, video and Web conferencing.
VAR-201507-0089 CVE-2015-5080 Arbitrary shell command execution vulnerability in the Management Interface of Citrix NetScaler Application Delivery Controller and NetScaler Gateway CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs. Supplementary information: the vulnerability type has been identified as CWE-77: Improper Neutralization of Special Elements used in a Command (Command Injection). Citrix Access Gateway is a universal SSL VPN device. An attacker may leverage this issue to execute arbitrary shell commands in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The following products and versions are affected: Citrix Systems NetScaler ADC and NetScaler Gateway 10.1 prior to 10.1.132.8, 10.5 prior to Build 56.15, and 10.5.e prior to Build 56.1505.e.
VAR-201507-0460 CVE-2015-3697 Buffer overflow vulnerability in the Intel Graphics Driver of Apple OS X CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. This vulnerability is different from CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. Local users may be able to gain privileges. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4. Intel Graphics Driver is one of the graphics card drivers.
VAR-201507-0459 CVE-2015-3696 Buffer overflow vulnerability in the Intel Graphics Driver of Apple OS X CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. This vulnerability is different from CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. Local users may be able to gain privileges. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4. Intel Graphics Driver is one of the graphics card drivers.
VAR-201507-0458 CVE-2015-3695 Buffer overflow vulnerability in the Intel Graphics Driver of Apple OS X CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. This vulnerability is different from CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. Local users may be able to gain privileges. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4. Intel Graphics Driver is one of the graphics card drivers.
VAR-201507-0456 CVE-2015-3693 BIOS implementations fail to properly set UEFI write protections after waking from sleep mode CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations. Multiple BIOS implementations fail to properly set write protections after waking from sleep, leading to the possibility of an arbitrary BIOS image reflash. Supplementary information: the vulnerability type has been identified as CWE-254: Security Features. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code with system privileges and to bypass security restrictions or perform unauthorized actions. These issues affect Mac OS X prior to 10.10.4. Apple Mac EFI is one of the firmware upgrade interfaces. APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001. Mac EFI Security Update 2015-001 is now available and addresses the following: EFI. Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5. Impact: A malicious application with root privileges may be able to modify EFI flash memory. Description: An insufficient locking issue existed with EFI flash when resuming from sleep states. This issue was addressed through improved locking. CVE-ID CVE-2015-3692 : Trammell Hudson of Two Sigma Investments, Xeno Kovah and Corey Kallenberg of LegbaCore LLC, Pedro Vilaca. EFI. Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5. Impact: A malicious application may induce memory corruption to escalate privileges. Description: A disturbance error, also known as Rowhammer, exists with some DDR3 RAM that could have led to memory corruption. This issue was mitigated by increasing memory refresh rates.
CVE-ID CVE-2015-3693 : Mark Seaborn and Thomas Dullien of Google, working from original research by Yoongu Kim et al (2014) Mac EFI Security Update 2015-001 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
VAR-201507-0455 CVE-2015-3692 BIOS implementations fail to properly set UEFI write protections after waking from sleep mode CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not enforce a locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging root privileges. Multiple BIOS implementations fail to properly set write protections after waking from sleep, leading to the possibility of an arbitrary BIOS image reflash. Supplementary information: the vulnerability type has been identified as CWE-284: Improper Access Control. http://cwe.mitre.org/data/definitions/284.html A third party with root privileges may be able to carry out an EFI flash attack. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code with system privileges and to bypass security restrictions or perform unauthorized actions. These issues affect Mac OS X prior to 10.10.4. Apple Mac EFI is one of the firmware upgrade interfaces. A local attacker could exploit this vulnerability to modify the EFI flash memory with root privileges. This issue was addressed through improved locking. CVE-ID CVE-2015-3692 : Trammell Hudson of Two Sigma Investments, Xeno Kovah and Corey Kallenberg of LegbaCore LLC, Pedro Vilaca. EFI. Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5. Impact: A malicious application may induce memory corruption to escalate privileges. Description: A disturbance error, also known as Rowhammer, exists with some DDR3 RAM that could have led to memory corruption. This issue was mitigated by increasing memory refresh rates. CVE-ID CVE-2015-3693 : Mark Seaborn and Thomas Dullien of Google, working from original research by Yoongu Kim et al (2014). Mac EFI Security Update 2015-001 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
VAR-201507-0446 CVE-2015-3683 Vulnerability in the Bluetooth HCI interface implementation of Apple OS X that allows arbitrary code execution in a privileged context CVSS V2: 9.3
CVSS V3: -
Severity: HIGH
The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4
VAR-201507-0445 CVE-2015-3682 Arbitrary code execution vulnerability in Apple Type Services of Apple OS X CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3681. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4
VAR-201507-0444 CVE-2015-3681 Arbitrary code execution vulnerability in Apple Type Services of Apple OS X CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3682. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4
VAR-201507-0443 CVE-2015-3680 Arbitrary code execution vulnerability in Apple Type Services of Apple OS X CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of data fork font suitcase files. The issue lies in the parsing of the 'FOND' table. An attacker can leverage this vulnerability to execute code under the context of the current user. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4.