![]() ![]() Impact: An application may be able to execute arbitrary code with kernel privilegesĬVE-2017-7114: Alex Plaskett of MWR InfoSecurity Impact: Processing a maliciously crafted image may lead to a denial of serviceĮntry added October 31, 2017, updated April 3, 2019 Impact: Processing a maliciously crafted image may lead to arbitrary code executionĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2017-13814: Australian Cyber Security Centre – Australian Signals Directorate Impact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service This issue was addressed through improved validation.ĬVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico WilliamsĬVE-2017-13830: Sergej Schumilo of Ruhr-University Bochum ![]() Impact: An attacker in a privileged network position may be able to impersonate a serviceĭescription: A validation issue existed in the handling of the KDC-REP service name. Impact: Rendering untrusted text may lead to spoofingĭescription: An inconsistent user interface issue was addressed with improved state management.ĬVE-2017-13828: Leonard Grey and Robert Sesek of Google Chrome AutoDiscover V2 is now supported.ĬVE-2017-7088: Ilya Nesterov, Maxim Goncharovĭescription: Multiple issues were addressed by updating to version 5.31.Įntry added October 31, 2017, updated October 18, 2018 This was addressed by requiring TLS for AutoDiscover V1. Impact: An attacker in a privileged network position may be able to erase a device during Exchange account setupĭescription: A validation issue existed in AutoDiscover V1. Impact: Processing a maliciously crafted font file may lead to arbitrary code executionĭescription: A memory consumption issue was addressed with improved memory handling.ĬVE-2017-13825: Australian Cyber Security Centre – Australian Signals DirectorateĮntry added October 31, 2017, updated November 16, 2018 Impact: An application may be able to read restricted memoryĭescription: A validation issue was addressed with improved input sanitization.ĬVE-2017-13821: Australian Cyber Security Centre – Australian Signals Directorateĭescription: An out-of-bounds read was addressed by updating to Opus version 1.1.4.ĬVE-2017-0381: V.E.O of Mobile Threat Research Team, Trend Micro Impact: An attacker in a privileged network position may be able to cause a denial of serviceĭescription: Multiple denial of service issues were addressed through improved memory handling.ĬVE-2017-7083: Abhinav Bansal of Zscaler Inc. Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2017-13829: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day InitiativeĬVE-2017-13833: Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day Initiative This was addressed with improved state management.ĬVE-2017-7131: Dominik Conrads of Federal Office for Information Security, an anonymous researcher, Anand Kathapurkar of India, Elvis updated October 9, 2017 Impact: An application may be able to access restricted filesĭescription: A privacy issue existed in the handling of Contact cards. This issue was addressed through a revised protocol.ĬVE-2017-13863: FURIOUSMAC Team of United States Naval Academy Impact: An attacker in a privileged network position could track a userĭescription: A privacy issue existed in the use of client certificates. Impact: An attacker may be able to exploit weaknesses in TLS 1.0ĭescription: A protocol security issue was addressed by enabling TLS 1.1 and TLS 1.2.ĬVE-2017-13832: Doug Wussler of Florida State UniversityĮntry added October 31, 2017, updated November 10, 2017 Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |