Apple Security Advisory 2014-10-16-3
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-10-16-4
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-10-16-4 – OS X Server 3.2.2 is now available and addresses the SSL 3.0 Poodle bug. There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support […]
Tags: Apple, ios, osxApple Security Advisory 2014-10-16-5
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-10-16-5 – OS X Server 2.2.5 is now available and addresses the SSL 3.0 Poodle bug. There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support […]
Tags: Apple, ios, osxApple Security Advisory 2014-10-16-6
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-09-17-3
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-09-17-4
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-09-17-5
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-09-17-6
Posted by deepcore under Apple (No Respond)
Apple Security Advisory 2014-09-17-7
Posted by deepcore under Apple (No Respond)
Apple Foundation NSXMLParser XML eXternal Entity (XXE)
Posted by deepcore under Apple (No Respond)
In May 2014, VSR identified a vulnerability in versions 7.0 and 7.1 of the iOS SDK whereby the NSXMLParser class, resolves XML External Entities by default despite documentation which indicates otherwise. In addition, settings to change the behavior of XML External Entity resolution appears to be non-functional. This vulnerability, commonly known as XXE (XML eXternal […]
Tags: Apple, ios, osx
