Apple macOS vulnerabilities

CVE-2016-7660 [HIGH] CWE-264 CVE-2016-7660: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "syslog" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.

CVE-2016-7613 [HIGH] CWE-264 CVE-2016-7613: An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling dur

CVE-2016-7606 [HIGH] CWE-119 CVE-2016-7606: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVE-2016-7618 [HIGH] CWE-119 CVE-2016-7618: An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .gcx file.

CVE-2016-7659 [HIGH] CWE-119 CVE-2016-7659: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file.

CVE-2016-4681 [HIGH] CWE-119 CVE-2016-4681: An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Core Image" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file.

CVE-2016-7643 [HIGH] CWE-125 CVE-2016-7643: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafte

CVE-2016-7617 [HIGH] CWE-704 CVE-2016-7617: An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app.

CVE-2016-4688 [HIGH] CWE-119 CVE-2016-4688: An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overfl

CVE-2016-4671 [HIGH] CWE-787 CVE-2016-4671: An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) via a crafted PDF file.

CVE-2016-7661 [HIGH] CWE-264 CVE-2016-7661: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "Power Management" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.

CVE-2016-4669 [HIGH] CWE-20 CVE-2016-4669: An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system c

CVE-2016-7655 [HIGH] CWE-704 CVE-2016-7655: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreMedia External Displays" component. It allows local users to gain privileges or cause a denial of service (type confusion) via unspecified vectors.

CVE-2016-7594 [HIGH] CWE-119 CVE-2016-7594: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ICU" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

CVE-2016-4693 [HIGH] CWE-326 CVE-2016-4693: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher.

CVE-2016-7602 [HIGH] CWE-119 CVE-2016-7602: An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVE-2017-2358 [HIGH] CWE-119 CVE-2017-2358: An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVE-2016-7595 [HIGH] CWE-119 CVE-2016-7595: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font.

CVE-2016-7644 [HIGH] CWE-416 CVE-2016-7644: An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.

CVE-2016-7633 [HIGH] CWE-416 CVE-2016-7633: An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Directory Services" component. It allows local users to gain privileges or cause a denial of service (use-after-free) via unspecified vectors.