Posted by Apple Product Security via Fulldisclosure on Jul 21
APPLE-SA-2022-07-20-2 macOS Monterey 12.5
macOS Monterey 12.5 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213345.
APFS
Available for: macOS Monterey
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir (@Muirey03)…
Posted by Apple Product Security via Fulldisclosure on Jul 21
Safari 15.6 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213341.
Safari Extensions
Available for: macOS Big Sur and macOS Catalina
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: The issue was addressed with improved UI handling.
CVE-2022-32784: Young Min Kim of CompSec Lab at Seoul National
University
Posted by Apple Product Security via Fulldisclosure on Jul 21
APPLE-SA-2022-07-20-6 watchOS 8.7
watchOS 8.7 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213340.
APFS
Available for: Apple Watch Series 3 and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir (@Muirey03)
Posted by Apple Product Security via Fulldisclosure on Jul 21
APPLE-SA-2022-07-20-5 tvOS 15.6
tvOS 15.6 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213342.
APFS
Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple
TV HD
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir…
Security Update 2022-005 Catalina addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213343.
APFS
Available for: macOS Catalina
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir…
Posted by Apple Product Security via Fulldisclosure on Jul 21
APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8
macOS Big Sur 11.6.8 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213344.
APFS
Available for: macOS Big Sur
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir (@Muirey03)…
Posted by Apple Product Security via Fulldisclosure on Jul 21
APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6
iOS 15.6 and iPadOS 15.6 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213346.
APFS
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An app with root privileges may be able to execute arbitrary
code…
Posted by Martin Heiland via Fulldisclosure on Jul 21
Dear subscribers,
we’re sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.
Yours sincerely,
Martin Heiland, Open-Xchange GmbH
Product: OX App Suite
Vendor: OX Software GmbH
Internal reference: DOCS-4106
Vulnerability type: OS Command Injection (CWE-78)
Vulnerable…
