Apple Macos High Sierra vulnerabilities

CVE-2017-6458 [HIGH] CVE-2017-6458: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-6458 Component: Mail Drafts Impact: An attacker with a privileged network position may be able to intercept mail contents Description: An encryption issue existed in the handling of mail drafts. This issue was addressed with improved handling of mail drafts meant to be sent encrypted.

CVE-2017-13906 [HIGH] CVE-2017-13906: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13906 Component: CVE-2017-13906

CVE-2016-9842 [HIGH] CVE-2016-9842: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2016-9842 Component: CVE-2016-9842

CVE-2016-5387 [HIGH] CVE-2016-5387: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2016-5387 Component: CVE-2016-5387

CVE-2016-9840 [HIGH] CVE-2016-9840: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2016-9840 Component: CVE-2016-9840

CVE-2017-7127 [HIGH] CVE-2017-7127: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-7127 Component: SQLite Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13831 [HIGH] CVE-2017-13831: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13831 Component: ImageIO Impact: Processing a maliciously crafted image may lead to a denial of service Description: A memory corruption issue was addressed with improved input validation.

CVE-2017-7086 [HIGH] CVE-2017-7086: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-7086 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addressed

CVE-2017-5130 [HIGH] CVE-2017-5130: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-5130 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A null pointer dereference was addressed with improved validation.

CVE-2017-13829 [HIGH] CVE-2017-13829: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13829 Component: CFNetwork Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7080 [HIGH] CVE-2017-7080: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-7080 Component: Security Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation.

CVE-2016-8740 [HIGH] CVE-2016-8740: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2016-8740 Component: CVE-2016-8740

CVE-2017-9233 [HIGH] CVE-2017-9233: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-9233 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A null pointer dereference was addressed with improved validation.

CVE-2017-13809 [HIGH] CVE-2017-13809: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13809 Component: AppleScript Impact: Decompiling an AppleScript with osadecompile may lead to arbitrary code execution Description: A validation issue was addressed with improved input sanitization.

CVE-2017-13825 [HIGH] CVE-2017-13825: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13825 Component: CoreText Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2017-13827 [HIGH] CVE-2017-13827: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13827 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addres

CVE-2017-13834 [HIGH] CVE-2017-13834: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13834 Component: Kernel Impact: Processing a malformed mach binary may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved validation.

CVE-2017-13813 [HIGH] CVE-2017-13813: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13813 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addres

CVE-2017-6451 [HIGH] CVE-2017-6451: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-6451 Component: Mail Drafts Impact: An attacker with a privileged network position may be able to intercept mail contents Description: An encryption issue existed in the handling of mail drafts. This issue was addressed with improved handling of mail drafts meant to be sent encrypted.

CVE-2017-13835 [HIGH] CVE-2017-13835: macOS High Sierra 10.13 Apple Security Update: About the security content of macOS High Sierra 10.13 Product: macOS High Sierra Version: 10.13 CVE: CVE-2017-13835 Component: Fonts Impact: Rendering untrusted text may lead to spoofing Description: An inconsistent user interface issue was addressed with improved state management.