Released October 31, 2017 apache Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Multiple issues in Apache Description: Multiple issues were addressed by updating to version 2.4.27. CVE-2016-0736 CVE-2016-2161 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 Entry updated November 14, 2017 APFS Available for: macOS High Sierra 10.13 Impact: A malicious Thunderbolt adapter may be able to recover unencrypted APFS filesystem data Description: An issue existed in the handling of DMA. This issue was addressed by limiting the time the FileVault decryption buffers are DMA mapped to the duration of the I/O operation. CVE-2017-13786: Dmytro Oleksiuk Entry updated November 10, 2017 APFS Available for: macOS High Sierra 10.13 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13800: Sergej Schumilo of Ruhr-University Bochum AppleScript Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Decompiling an AppleScript with osadecompile may lead to arbitrary code execution Description: A validation issue was addressed with improved input sanitization. CVE-2017-13809: bat0s Entry updated November 10, 2017 ATS Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: A memory corruption issue was addressed with improved input validation. CVE-2017-13820: John Villamil, Doyensec Audio Available for: macOS Sierra 10.12.6 Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution Description: A memory consumption issue was addressed through improved memory handling. ![]() Dec 11, 2018 MacRumors attracts a broad audience of both consumers and professionals interested in the latest technologies and products. We also boast an active community focused on purchasing decisions and technical aspects of the iPhone, iPod, iPad, and Mac platforms. Bolder and easier to read, San Francisco has been used on iOS devices and Macs since iOS 9 and OS X 10.11 were introduced in 2015. San Francisco is a condensed sans-serif that's similar to Helvetica. 3d mmorpg for mac. CVE-2017-13807: Yangkang (@dnpushme) of Qihoo 360 Qex Team CFNetwork Available for: OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-13829: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day Initiative CVE-2017-13833: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day Initiative Entry added November 10, 2017 CFString Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-13821: Australian Cyber Security Centre – Australian Signals Directorate CoreText Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling. CVE-2017-13825: Australian Cyber Security Centre – Australian Signals Directorate Entry updated November 16, 2018 curl Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Uploading using TFTP to a maliciously crafted URL with libcurl may disclose application memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-20: Even Rouault, found by OSS-Fuzz curl Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Processing a maliciously crafted URL with libcurl may cause unexpected application termination or read process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-20: Brian Carpenter, Yongji Ouyang Dictionary Widget Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Searching pasted text in the Dictionary widget may lead to compromise of user information Description: A validation issue existed which allowed local file access. This was addressed with input sanitization. CVE-2017-13801: xisigr of Tencent's Xuanwu Lab (tencent.com) file Available for: macOS Sierra 10.12.6 Impact: Multiple issues in file Description: Multiple issues were addressed by updating to version 5.31. Office mix for mac. CVE-2017-13815: found by OSS-Fuzz Entry updated October 18, 2018 Fonts Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Rendering untrusted text may lead to spoofing Description: An inconsistent user interface issue was addressed with improved state management.
0 Comments
Leave a Reply. |