Mac OS X, Safari, Firefox and Kaspersky all suffer from a regular expression denial of service condition that was discovered long ago in regcomp().
>> TAG: #ios
Apple TV had an issue where it was logging a user’s Apple ID and password via debug output in logs.
Facetime allows video calls for iOS. Facetime-Audio, added in iOS 7, allows audio only calls. The audio version uses a vulnerable URL scheme which is not used by Facetime Video….
Apple Security Advisory 2014-03-10-1 – iOS 7.1 is now available and addresses multiple security vulnerabilities.
Apple Security Advisory 2014-03-10-2 – Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, and various other vulnerabilities.
This Metasploit module abuses some Safari functionality to force the download of a zipped .app OSX application containing our payload. The app is then invoked using a custom URL scheme….
Apple Security Advisory 2014-02-25-1 – OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses multiple security issues including the recent SSL vulnerability.
Apple Security Advisory 2014-02-25-2 – Safari 6.1.2 and Safari 7.0.2 is now available and addresses an issue where visiting a maliciously crafted website may lead to an unexpected application termination…
Apple Security Advisory 2014-02-25-3 – QuickTime 7.7.5 is now available and addresses multiple security issues related to denial of service and arbitrary code execution.
Apple Security Advisory 2014-02-21-3 – Apple TV 6.0.2 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed…