lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 Dec 2015 23:25:37 +0100 From: "[CXSEC]" <submit@...ec.org> To: fulldisclosure@...lists.org Subject: [FD] MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow Hi @ll, Today Apple fixed buffer overflow issue in LIBC/FTS (CVE-2015-7039). Patch available for: - OS X El Capitan v10.11 and v10.11.1 - iPhone 4s and later, - Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes - Apple TV (4th generation) Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds Conception and description of issue here: https://cxsecurity.com/issue/WLB-2015100149 Best Regards, Maksymilian Arciemowicz (http://cert.cx) https://cxsecurity.com - Independent Information _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists