CVE-2016-4754
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
Source: CVE-2016-4754
[월:] 2016년 09월
CVE-2016-4755
CVE-2016-4755
Terminal in Apple OS X before 10.12 uses weak permissions for the .bash_history and .bash_session files, which allows local users to obtain sensitive information via unspecified vectors.
Source: CVE-2016-4755
CVE-2016-4753 (apple_tv, iphone_os, mac_os_x, watch_os)
CVE-2016-4753 (apple_tv, iphone_os, mac_os_x, watch_os)
Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
Source: CVE-2016-4753 (apple_tv, iphone_os, mac_os_x, watch_os)
CVE-2016-4753
CVE-2016-4753
Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
Source: CVE-2016-4753
CVE-2016-4752 (mac_os_x)
CVE-2016-4752 (mac_os_x)
The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation.
Source: CVE-2016-4752 (mac_os_x)
CVE-2016-4752
CVE-2016-4752
The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation.
Source: CVE-2016-4752
CVE-2016-4751 (safari)
CVE-2016-4751 (safari)
The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site.
Source: CVE-2016-4751 (safari)
CVE-2016-4751
CVE-2016-4751
The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site.
Source: CVE-2016-4751
CVE-2016-4750 (iphone_os, mac_os_x)
CVE-2016-4750 (iphone_os, mac_os_x)
S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4750
CVE-2016-4750
S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Source: CVE-2016-4750