Subscribe via feed.

Zero Day Initiative Advisory 11-252

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

Zero Day Initiative Advisory 11-252 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the PnSize PICT opcode

Tags: ,

Secunia Security Advisory 45516

Posted by deepcore under Apple, exploit, OSX security tools, Security (No Respond)

Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user’s system.

Tags: , , , ,

Zero Day Initiative Advisory 11-243

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

Zero Day Initiative Advisory 11-243 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit as utilized by either Apple Safari, or Google’s Chrome browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the library handles implicitly defined styles

Tags: , , ,

Zero Day Initiative Advisory 11-242

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

Zero Day Initiative Advisory 11-242 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari’s Webkit.

Tags: , , , ,

Zero Day Initiative Advisory 11-240

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

Zero Day Initiative Advisory 11-240 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari’s Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library’s support of SVG markers

Tags: , ,

Zero Day Initiative Advisory 11-239

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

Zero Day Initiative Advisory 11-239 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit.

Tags: , ,

Safari 5.0.5 SVG Remote Code Execution

Posted by deepcore under Apple, exploit, OSX security tools (No Respond)

WebKit as used in Apple Safari versions prior to 5.0.6 memory corruption exploit with DEP bypass.

Tags: , , , ,

Secunia Security Advisory 45369

Posted by deepcore under Apple, exploit, OSX security tools, Security (No Respond)

Secunia Security Advisory – A vulnerability has been reported in Apple iOS, which can be exploited by malicious people to conduct spoofing attacks.

Tags: , ,

iDefense Security Advisory 07.20.11 – Safari Memory Corruption

Posted by deepcore under Apple, exploit, OSX security tools, Security (No Respond)

iDefense Security Advisory 07.20.11 – Remote exploitation of a memory corruption vulnerability in Apple Inc.’s Safari browser could allow an attacker to execute arbitrary code with the privileges of the current user. Safari is Apple’s Web browser and is based on the open source WebKit browser engine. This vulnerability occurs when Safari incorrectly handles an error state when encountering a broken XHTML tag.

Tags: , , ,

iDefense Security Advisory 07.20.11 – WebKit Use-After-Free

Posted by deepcore under Apple, exploit, OSX security tools, Security (No Respond)

iDefense Security Advisory 07.20.11 – Remote exploitation of a use-after-free vulnerability in WebKit, as included with Apple Inc.’s Safari Web browser, could allow an attacker to execute arbitrary code with the privileges of the current user.

Tags: , , ,