earbad.blogg.se

These issues were addressed through improved memory handling.

This issue was addressed through improved input validation.ĬVE-2015-7105 : John Villamil Yahoo Pentest Teamĭescription: Multiple memory corruption issues existed in the processing of malformed media files. Impact: Processing a maliciously crafted font file may lead to arbitrary code executionĭescription: A memory corruption issue existed in the processing of font files. This issue was addressed through improved authorization checks.ĬVE-2015-7062 : David Mulder of Dell SoftwareĪvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privilegesĭescription: An issue existed when installing configuration profiles. This issue was addressed through improved memory initialization and additional validation of zlib streams. Impact: Visiting a maliciously crafted website may lead to arbitrary code executionĭescription: An uninitialized memory access issue existed in zlib. This issue was addressed through improved URL validation.ĬVE-2015-7094 : Tsubasa Iinuma of Gehirn Inc. Impact: An attacker with a privileged network position may be able to bypass HSTSĭescription: An input validation issue existed within URL processing. This issue was addressed through improved memory handling.ĬVE-2015-7108 : Ian Beer of Google Project Zero Impact: A local user may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue existed in the Bluetooth HCI interface.

This issue was addressed through improved hardening of the app sandbox.ĬVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest Luke Deshotels and William Enck of North Carolina State University Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Impact: A malicious application may maintain access to Contacts after having access revokedĭescription: An issue existed in the sandbox's handling of hard links. These were addressed by updating PHP to version 5.5.30. Available for: OS X El Capitan v10.11 and v10.11.1ĭescription: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution.