Alexandre Helie

**Name of the Vulnerable Software and Affected Versions** Apple AirPort Base Station Firmware versions prior to 7.6.7 Apple AirPort Base Station Firmware versions 7.7.x prior to 7.7.7 **Description** The issue is related to the misparsing of DNS data, which can be exploited by remote attackers to execute arbitrary code or cause a denial of service due to memory corruption. The exact vectors used for the exploitation are not specified. **Recommendations** For Apple AirPort Base Station Firmware versions prior to 7.6.7, update to version 7.6.7 or later. For Apple AirPort Base Station Firmware versions 7.7.x prior to 7.7.7, update to version 7.7.7 or later.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.1 **Description** The issue arises from the MCX Application Restrictions component mishandling provisioning profiles when Managed Configuration is enabled. This allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app. **Recommendations** For Apple OS X versions prior to 10.11.1, update to version 10.11.1 or later to resolve the issue.