2016 NATIONAL VULNERABILITY DATABASE

 

 

CVE-2016-4648

Summary: Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: 7/21/2016 11:00:07 PM

 

CVE-2016-4647

Summary: Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.

Published: 7/21/2016 11:00:05 PM

 

CVE-2016-4646

Summary: Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.

Published: 7/21/2016 11:00:04 PM

 

CVE-2016-4645

Summary: CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.

Published: 7/21/2016 11:00:03 PM

 

CVE-2016-4641

Summary: Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."

Published: 7/21/2016 11:00:02 PM

 

CVE-2016-4640

Summary: Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.

Published: 7/21/2016 11:00:00 PM

 

CVE-2016-4639

Summary: Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors.

Published: 7/21/2016 10:59:59 PM

 

CVE-2016-4638

Summary: Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."

Published: 7/21/2016 10:59:58 PM

 

CVE-2016-4637

Summary: CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

Published: 7/21/2016 10:59:57 PM

 

CVE-2016-4635

Summary: FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors.

Published: 7/21/2016 10:59:56 PM

 

CVE-2016-4634

Summary: The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: 7/21/2016 10:59:55 PM

 

CVE-2016-4633

Summary: Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: 7/21/2016 10:59:54 PM

 

CVE-2016-4632

Summary: ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Published: 7/21/2016 10:59:53 PM

 

CVE-2016-4631

Summary: ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.

Published: 7/21/2016 10:59:51 PM

 

CVE-2016-4630

Summary: ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression.

Published: 7/21/2016 10:59:50 PM

 

CVE-2016-4629

Summary: ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted xStride and yStride values in an EXR image.

Published: 7/21/2016 10:59:49 PM

 

CVE-2016-4628

Summary: IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: 7/21/2016 10:59:48 PM

 

CVE-2016-4627

Summary: IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

Published: 7/21/2016 10:59:47 PM

 

CVE-2016-4626

Summary: IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

Published: 7/21/2016 10:59:46 PM

 

CVE-2016-4625

Summary: Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.

Published: 7/21/2016 10:59:45 PM

 

 

<<< New  Older >>>