Apple tvOS vulnerabilities

CVE-2017-10989 [CRITICAL] CVE-2017-10989: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-10989 Component: SQLite Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3.

CVE-2017-13815 [CRITICAL] CVE-2017-13815: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13815 Component: CoreText Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2017-7376 [CRITICAL] CVE-2017-7376: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-7376 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2017-13843 [HIGH] CVE-2017-13843: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13843 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13812 [HIGH] CVE-2017-13812: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13812 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addressed by reducing the information available to thi

CVE-2017-0381 [HIGH] CVE-2017-0381: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-0381 Component: CoreAudio Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4.

CVE-2017-13834 [HIGH] CVE-2017-13834: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13834 Component: Kernel Impact: Processing a malformed mach binary may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved validation.

CVE-2017-5130 [HIGH] CVE-2017-5130: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-5130 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2017-9050 [HIGH] CVE-2017-9050: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-9050 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2017-13831 [HIGH] CVE-2017-13831: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13831 Component: ImageIO Impact: Processing a maliciously crafted image may lead to a denial of service Description: A memory corruption issue was addressed with improved input validation.

CVE-2017-13813 [HIGH] CVE-2017-13813: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13813 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addressed by reducing the information available to thi

CVE-2017-13816 [HIGH] CVE-2017-13816: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13816 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addressed by reducing the information available to thi

CVE-2017-13825 [HIGH] CVE-2017-13825: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13825 Component: CoreText Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2017-9233 [HIGH] CVE-2017-9233: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-9233 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2017-13833 [HIGH] CVE-2017-13833: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13833 Component: CFNetwork Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-9049 [HIGH] CVE-2017-9049: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-9049 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2017-13829 [HIGH] CVE-2017-13829: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13829 Component: CFNetwork Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13830 [HIGH] CVE-2017-13830: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13830 Component: HFS Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13814 [HIGH] CVE-2017-13814: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13814 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2017-13818 [MEDIUM] CVE-2017-13818: tvOS 11 Apple Security Update: About the security content of tvOS 11 Product: tvOS Version: 11 CVE: CVE-2017-13818 Component: Kernel Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization.