Apple Watchos 4 vulnerabilities

CVE-2016-9841 [CRITICAL] CVE-2016-9841: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2016-9841 Component: CVE-2016-9841

CVE-2017-10989 [CRITICAL] CVE-2017-10989: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-10989 Component: SQLite Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3.

CVE-2017-13815 [CRITICAL] CVE-2017-13815: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-13815 Component: CoreText Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2017-7108 [CRITICAL] CVE-2017-7108: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7108 Component: Wi-Fi Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling.

CVE-2016-9063 [CRITICAL] CVE-2016-9063: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2016-9063 Component: CVE-2016-9063

CVE-2017-7130 [CRITICAL] CVE-2017-7130: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7130 Component: SQLite Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3.

CVE-2017-7112 [CRITICAL] CVE-2017-7112: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7112 Component: Wi-Fi Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7376 [CRITICAL] CVE-2017-7376: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7376 Component: CVE-2017-9233 Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2016-9843 [CRITICAL] CVE-2016-9843: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2016-9843 Component: CVE-2016-9843

CVE-2017-13832 [CRITICAL] CVE-2017-13832: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-13832 Component: About Apple security updates Impact: An attacker may be able to exploit weaknesses in TLS 1.0 Description: A protocol security issue was addressed by enabling TLS 1.1 and TLS 1.2.

CVE-2017-7128 [CRITICAL] CVE-2017-7128: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7128 Component: SQLite Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3.

CVE-2017-7110 [CRITICAL] CVE-2017-7110: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7110 Component: Wi-Fi Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7103 [CRITICAL] CVE-2017-7103: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7103 Component: Wi-Fi Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7129 [CRITICAL] CVE-2017-7129: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7129 Component: SQLite Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3.

CVE-2017-7105 [CRITICAL] CVE-2017-7105: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7105 Component: Wi-Fi Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7086 [HIGH] CVE-2017-7086: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-7086 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addressed by reducing the information available to third par

CVE-2017-13854 [HIGH] CVE-2017-13854: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-13854 Component: Kernel Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-0381 [HIGH] CVE-2017-0381: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-0381 Component: CoreAudio Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4.

CVE-2017-13812 [HIGH] CVE-2017-13812: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-13812 Component: Kernel Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device. Description: An application was able to access network activity information maintained by the operating system unrestricted. This issue was addressed by reducing the information available to third

CVE-2017-13814 [HIGH] CVE-2017-13814: watchOS 4 Apple Security Update: About the security content of watchOS 4 Product: watchOS 4 CVE: CVE-2017-13814 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.