Apple Watch Apple OS X Let Remote And Local Users Execute Arbitrary Code And Deny Service Vulnrerabilities
5 Apr. 2016
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server
The information has been provided by Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt; Ian Beer of Google Project Zero; Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc.; Muneaki Nishimura (nishimunea); j00ru; .
* Apple OS X before 10.11.2 and tvOS before 9.1
* Apple OS X after 10.11.2 and tvOS after 9.1
Multiple vulnerabilities were reported in Apple OS X. A remote user can cause arbitrary code to be executed on the target user's system. A remote or local user can cause denial of service conditions on the target system. A local user can obtain potentially sensitive information. A local user or an application can bypass security restrictions. A local user can gain system privileges on the target system. Apple TV is affected.