Apple Macos Sierra vulnerabilities

CVE-2016-4750 [HIGH] CVE-2016-4750: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4750 Component: S2 Camera Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-6174 [HIGH] CVE-2016-6174: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-6174 Component: CVE-2016-6174

CVE-2016-4726 [HIGH] CVE-2016-4726: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4726 Component: IOAcceleratorFamily Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-6289 [HIGH] CVE-2016-6289: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-6289 Component: CVE-2016-6289

CVE-2016-4682 [HIGH] CVE-2016-4682: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4682 Component: ImageIO Impact: Processing maliciously crafted image may result in the disclosure of process memory Description: An out-of-bounds read issue existed in the SGI image parsing. This issue was addressed through improved bounds checking.

CVE-2016-4716 [HIGH] CVE-2016-4716: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4716 Component: DiskArbitration Impact: A local user may be able to execute arbitrary code with system privileges Description: An access issue existed in diskutil. This issue was addressed through improved permissions checking.

CVE-2016-4709 [HIGH] CVE-2016-4709: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4709 Component: WindowServer Impact: A local user may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling.

CVE-2016-4777 [HIGH] CVE-2016-4777: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4777 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: An untrusted pointer dereference was addressed by removing the affected code.

CVE-2016-4698 [HIGH] CVE-2016-4698: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4698 Component: AppleMobileFileIntegrity Impact: A local application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the task port inheritance policy. This issue was addressed through improved validation of the process entitlement and Team ID.

CVE-2016-4703 [HIGH] CVE-2016-4703: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4703 Component: Bluetooth Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation.

CVE-2016-0755 [HIGH] CVE-2016-0755: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-0755 Component: CoreDisplay Impact: A user with screen sharing access may be able to view another user's screen Description: A session management issue existed in the handling of screen sharing sessions. This issue was addressed through improved session tracking.

CVE-2016-4738 [HIGH] CVE-2016-4738: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4738 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling.

CVE-2016-4710 [HIGH] CVE-2016-4710: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4710 Component: WindowServer Impact: A local user may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling.

CVE-2016-4775 [HIGH] CVE-2016-4775: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4775 Component: Kernel Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-4778 [HIGH] CVE-2016-4778: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4778 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling.

CVE-2016-4711 [HIGH] CVE-2016-4711: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4711 Component: CommonCrypto Impact: An application using CCrypt may disclose sensitive plaintext if the output and input buffer are the same Description: An input validation issue existed in corecrypto. This issue was addressed through improved input validation.

CVE-2016-4779 [HIGH] CVE-2016-4779: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4779 Component: ATS Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-4725 [HIGH] CVE-2016-4725: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4725 Component: IOAcceleratorFamily Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: A memory corruption issue was addressed through improved input validation.

CVE-2016-4773 [HIGH] CVE-2016-4773: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4773 Component: Kernel Impact: An application may be able to determine kernel memory layout Description: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.

CVE-2016-4712 [HIGH] CVE-2016-4712: macOS Sierra 10.12 Apple Security Update: About the security content of macOS Sierra 10.12 Product: macOS Sierra Version: 10.12 CVE: CVE-2016-4712 Component: CoreCrypto Impact: An application may be able to execute arbitrary code Description: An out-of-bounds write issue was addressed by removing the vulnerable code.