Apple iOS / MacOS suffers from a memory corruption vulnerability due to bad bounds checking in NSCharacterSet coding for NSKeyedUnarchiver.
>> CATEGORY: Apple
Apple MacOS NSUnarchiver suffers from a heap corruption vulnerability due to lack of bounds checking in [NSBuiltinCharacterSet initWithCoder:].
Apple iOS / MacOS suffers from a NSKeyedArchiver heap corruption vulnerability due to a rounding error in TIKeyboardLayout initWithCoder:.
Apple MacOS suffers from a local elevation of privilege vulnerability due to a lack of bounds checking in HIServices custom CFObject serialization.
Apple iOS / OS X suffer from a NSKeyedArchiver memory corruption vulnerability due to a lack of bounds checking in CAMediaTimingFunctionBuiltin.
Apple iOS versions prior to 10.3.2 suffer from a notifications API denial of service vulnerability.
Apple Security Advisory 2017-05-15-1 – macOS 10.12.5 is now available and addresses certificate validation, privilege escalation, and various other vulnerabilities.
Apple Security Advisory 2017-05-15-2 – iOS 10.3.2 is now available and addresses memory corruption, code execution, and various other vulnerabilities.
Apple Security Advisory 2017-05-15-3 – tvOS 10.2.1 is now available and addresses memory corruption, code execution, and various other vulnerabilities.
Apple Security Advisory 2017-05-15-4 – watchOS 3.2.1 is now available and addresses memory corruption, code execution, and various other vulnerabilities.