![]() Impact: A malicious application may be able to modify contents of the EFI system partition and execute arbitrary code with kernel privileges if secure boot is not enabledĭescription: A permissions issue existed in DiskArbitration. This was addressed with input sanitization.ĬVE-2018-4346: Wojciech Reguła of SecuRing Impact: Parsing a maliciously crafted dictionary file may lead to disclosure of user informationĭescription: A validation issue existed which allowed local file access. Impact: An attacker in a privileged position may be able to perform a denial of service attackĭescription: A denial of service issue was addressed with improved validation.ĬVE-2018-4406: Michael Hanselmann of hansmi.ch Impact: In certain configurations, a remote attacker may be able to replace the message content from the print server with arbitrary contentĭescription: An injection issue was addressed with improved validation.ĬVE-2018-4153: Michael Hanselmann of hansmi.ch Impact: Processing a maliciously crafted text file may lead to arbitrary code executionĭescription: A use after free issue was addressed with improved memory management.Įntry added October 30, 2018, updated December 13, 2018 Impact: An application may be able to gain elevated privilegesĬVE-2018-4414: The UK's National Cyber Security Centre (NCSC) Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2018-4126: Bruno Keith working with Trend Micro's Zero Day InitiativeĬVE-2018-4412: The UK's National Cyber Security Centre (NCSC) ![]() This issue was addressed with improved validation of the process entitlement.ĬVE-2018-4321: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. Impact: A malicious application may be able to access local users AppleIDsĭescription: A validation issue existed in the entitlement verification. Impact: A malicious application may be able to elevate privilegesĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2018-4411: lilang wu moony Li of Trend Micro working with Trend Micro's Zero Day Initiativeĭescription: An out-of-bounds read was addressed with improved bounds checking.ĬVE-2018-4308: Mohamed Ghannam added October 30, 2018 Impact: Multiple buffer overflow issues existed in Perlĭescription: Multiple issues in Perl were addressed with improved memory handling.ĬVE-2017-12613: Craig Young of Tripwire VERTĬVE-2017-12618: Craig Young of Tripwire VERT Impact: A sandboxed process may be able to circumvent sandbox restrictionsĭescription: A configuration issue was addressed with additional restrictions.ĬVE-2018-4353: Abhinav Bansal of LinkedIn Inc. Impact: An application may be able to read restricted memoryĭescription: A validation issue was addressed with improved input sanitization.ĬVE-2018-4417: Lee of the Information Security Lab Yonsei University working with Trend Micro's Zero Day Initiative This issue was addressed with improved access controls.ĬVE-2018-4324: Sergii Kryvoblotskyi of MacPaw Inc. Impact: A malicious application may be able to determine the Apple ID of the owner of the computerĭescription: A permissions issue existed in the handling of the Apple ID. Impact: A remote attacker may be able to attack AFP servers through HTTP clientsĭescription: An input validation issue was addressed with improved input validation.ĬVE-2018-4295: Jianjun Chen from Tsinghua University and UC Berkeley The updates below are available for these Mac models: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013, Mid 2010, and Mid 2012 models with recommended Metal-capable graphics processor, including MSI Gaming Radeon RX 560 and Sapphire Radeon PULSE RX 580) ![]() This issue was addressed with improved input validation.ĬVE-2018-5383: Lior Neumann and Eli Biham Impact: An attacker in a privileged network position may be able to intercept Bluetooth trafficĭescription: An input validation issue existed in Bluetooth. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |