Apple Security Advisory 2015-03-09-2 – AppleTV 7.1 is now available and addresses folder creation, code execution, and tls-related vulnerabilities.
>> TAG: #osx
Apple Security Advisory 2015-03-09-3 – Security Update 2015-002 is now available and addresses buffer overflow, off-by-one, type confusion, and secure transport vulnerabilities.
Apple Security Advisory 2015-03-09-4 – Xcode 6.2 is now available and addresses spoofing and validation checking issues.
Apple Security Advisory 2015-03-17-1 – Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and address multiple WebKit vulnerabilities.
Mac OS X version 10.10.2 suffers from multiple heap overflow vulnerabilities. Included is a xnu local privilege escalation via IOHIDSecurePromptClient injectStringGated heap overflow exploit.
Apple Security Advisory 2015-03-19-1 – Security Update 2015-003 is now available and addresses iCloud Keychain and IOSurface code execution vulnerabilities.
WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability.
Mac OS X rootpipe local proof of concept privilege escalation exploit.
Apple Security Advisory 2015-04-08-1 – Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are now available and address information disclosure, code execution, certificate matching, and various other vulnerabilities.
Apple Security Advisory 2015-04-08-2 – OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various other vulnerabilities.