This was addressed through improved input validation.ĬVE-2017-13878: Ian Beer of Google Project Zeroĭescription: An out-of-bounds read was addressed through improved bounds checking.ĬVE-2017-13875: Ian Beer of Google Project ZeroĬVE-2017-7159: found by IMF developed by HyungSeok Han (daramg.gift) of SoftSec, KAIST (.kr)ĭescription: An input validation issue existed in the kernel. Impact: A local user may be able to cause unexpected system termination or read kernel memoryĭescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory.
#Apple security update sierra code
Impact: An application may be able to execute arbitrary code with kernel privilegesĬVE-2017-13883: Yu Wang of Didi Research AmericaĬVE-2017-7163: Yu Wang of Didi Research AmericaĬVE-2017-7155: Yu Wang of Didi Research America Impact: An application may be able to read restricted memoryĭescription: An integer overflow was addressed through improved input validation.ĬVE-2017-15422: Yuan Deng of Ant-financial Light-Year Security Lab This was addressed with improved credential validation. Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s passwordĭescription: A logic error existed in the validation of credentials. Not impacted: macOS Sierra 10.12.6 and earlier
This issue was addressed with improved bounds checking.Īvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.1 Impact: Malicious FTP servers may be able to cause the client to read out-of-bounds memoryĭescription: An out-of-bounds read issue existed in the FTP PWD response parsing. Impact: An application may be able to execute arbitrary code with elevated privilegesĬVE-2017-7171: 360 Security working with Trend Micro's Zero Day Initiative, and Tencent Keen Security Lab working with Trend Micro's Zero Day InitiativeĬVE-2017-7151: Samuel Groß added October 18, 2018 This issue was addressed with improved handling of user information.ĬVE-2017-13892: Ryan Manly of Glenbrook High School District 225 Impact: Sharing contact information may lead to unexpected data sharingĭescription: An issue existed in the handling of Contact sharing. Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2017-7172: Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative
Impact: An application may be able to gain elevated privilegesĭescription: A race condition was addressed with additional validation.ĬVE-2017-13905: Samuel Groß added October 18, 2018Īvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1 Impact: Processing a maliciously crafted Apache configuration directive may result in the disclosure of process memoryĭescription: Multiple issues were addressed by updating to version 2.4.28. This was addressed with improved state management.Īvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1 Impact: APFS encryption keys may not be securely deleted after hibernatingĭescription: A logic issue existed in APFS when deleting keys during hibernation.
0 kommentar(er)
