opkstream.blogg.se

Impact: Uploading using TFTP to a maliciously crafted URL with libcurl may disclose application memoryĭescription: An out-of-bounds read was addressed with improved bounds checking.ĬVE-2017-1000100: Even Rouault, found by OSS-Fuzz Impact: Processing a maliciously crafted font file may lead to arbitrary code executionĬVE-2017-13825: Australian Cyber Security Centre – Australian Signals DirectorateĪvailable for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6

Impact: An application may be able to read restricted memoryĬVE-2017-13821: Australian Cyber Security Centre – Australian Signals DirectorateĪvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code executionĭescription: A memory consumption issue was addressed with improved memory handling.ĬVE-2017-13807: Yangkang of Qihoo 360 Qex TeamĪvailable for: OS X El Capitan 10.11.6, and macOS Sierra 10.12.6ĬVE-2017-13829: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day InitiativeĬVE-2017-13833: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day Initiative Impact: Processing a maliciously crafted font may result in the disclosure of process memoryĭescription: A memory corruption issue was addressed with improved input validation. Impact: Decompiling an AppleScript with osadecompile may lead to arbitrary code executionĭescription: A validation issue was addressed with improved input sanitization. Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2017-13800: Sergej Schumilo of Ruhr-University Bochum This issue was addressed by limiting the time the FileVault decryption buffers are DMA mapped to the duration of the I/O operation.

Impact: A malicious Thunderbolt adapter may be able to recover unencrypted APFS filesystem dataĭescription: An issue existed in the handling of DMA. Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6ĭescription: Multiple issues were addressed by updating to version 2.4.27.