Blog | Rbcafe

CVE-2016-4656

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 15:23:36 +0000 5. April 2018by Rbcafe

CVE-2016-4656 The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. (CWE-264) CVSS v2.0 Severity and Metrics: Base Score: 9.3 HIGH Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C CVSS v3.0 Severity and Metrics: Base Score: 7.8 HIGH Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-200

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 14:54:59 +0000 5. April 2018by Rbcafe

CWE-200 An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

CVE-2016-4655

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 14:53:53 +0000 5. April 2018by Rbcafe

CVE-2016-4655 The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app. (CWE-200) CVSS v2.0 Severity and Metrics: Base Score: 7.1 HIGH Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N CVSS v3.0 Severity and Metrics: Base Score: 5.5 MEDIUM Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVE-2017-12939

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 06:02:53 +0000 5. April 2018by Rbcafe

CVE-2017-12939 A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4. (CWE-20) CVSS v2.0 Severity and Metrics: Base Score: 7.5 HIGH Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P CVSS v3.0 Severity and Metrics: Base Score: 9.8 CRITICAL Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-20

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 05:47:34 +0000 5. April 2018by Rbcafe

CWE-20 The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. When software does not validate input properly, an attacker is able to craft the input in a form that is not expected by the rest of the application. This will lead to parts […]

CVE-2016-4657

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 05:45:49 +0000 5. April 2018by Rbcafe

CVE-2016-4657 WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. (CWE-119) CVSS v2.0 Severity and Metrics: Base Score: 6.8 MEDIUM Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P CVSS v3.0 Severity and Metrics: Base Score: 8.8 HIGH Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-264

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 05:31:20 +0000 5. April 2018by Rbcafe

CWE-264 Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

CVE-2016-4654

Posted on Donnerstag, 05UTCThu, 05 Apr 2018 05:29:13 +0000 5. April 2018by Rbcafe

CVE-2016-4654 IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. (CWE-119 , CWE-264) CVSS v2.0 Severity and Metrics: Base Score: 9.3 HIGH Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C CVSS v3.0 Severity and Metrics: Base Score: 7.8 HIGH Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H