This issue was resolved by revoking access to the Apple Notification Center Service.ĬVE-2015-3786 : Xiaolong Bai (Tsinghua University), Luyi Xing (System Security Lab of Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University) The issue affected devices using Handoff and logged into the same iCloud account. Impact: A malicious app may be able to access notifications from other iCloud devicesĭescription: An issue existed where a malicious app could access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service. This issue was addressed with improved memory management.ĬVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze Networks This issue was addressed through improved memory handling.ĬVE-2015-3779 : Teddy Reed of Facebook Securityĭescription: A memory management issue could have led to the disclosure of kernel memory layout.
Impact: A local user may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue existed in IOBluetoothHCIController. This issue was addressed through improved bounds checking. Impact: A malicious application may be able to determine kernel memory layoutĭescription: An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. The issue was addressed through improved state management.ĬVE-2015-3799 : an anonymous researcher working with HP's Zero Day Initiative Impact: A malicious application may be able change the password of a local userĭescription: In some circumstances, a state management issue existed in password authentication. These were addressed by updating Apache to version 5.5.27.Īvailable for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.ĭescription: Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 2.4.16. Impact: Multiple vulnerabilities existed in Apache 2.4.16, the most serious of which may allow a remote attacker to cause a denial of service.ĭescription: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
0 kommentar(er)
