Apple Security Advisory 2011-10-12-3 – OS X Lion has a security update available that addresses findings in Apache, a format string vulnerability in the Application Firewall, an arbitrary code execution vulnerability when viewing a malicious font via ATS, and 60+ other issues.
Tags: Apple, apple-security, SecurityApple Security Advisory 2011-08-03-1 – QuickTime version 7.7 has been made available to address multiple code execution, cross-origin, integer overflow, memory corruption, and other vulnerabilities.
Tags: Apple, apple-security, code-execution, VulnerabilitiesApple Security Advisory 2011-07-25-1 – A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Tags: apple-security, issue, SecurityApple Security Advisory 2011-07-25-2 – The iOS 4.2.10 software update addresses a certificate chain validation issue. The issue existed in the handling of X.509 certificates where an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible
Tags: Apple, apple-security, handling, issue-existed, SecurityApple Security Advisory 2011-07-20-1 – A large amount of security issues have been addressed in Safari versions 5.1 and 5.0.6. These range from cross site scripting, possible arbitrary code execution, accidental trust in a disable root certificate, buffer and integer overflows, and more.
Tags: Apple, apple-security, code-execution, disable-root, security-issuesApple Security Advisory 2011-07-15-2 – A buffer overflow exists in FreeType’s handling of TrueType font files. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.
Tags: apple-security, SecurityApple Security Advisory 2011-06-28-2 – Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user.
Tags: apple-security, SecurityApple Security Advisory 2010-12-16-1 – Multiple vulnerabilities have been addressed in Time Capsule and the Airport Base Station.
Tags: Apple, apple-security, Security