Dragonltx

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 10.2 Apple macOS versions prior to 10.12.2 Apple watchOS versions prior to 3.1.3 **Description** The issue involves the CoreMedia Playback component and is caused by a buffer overflow in memory. This allows a remote attacker to execute arbitrary code or cause a denial of service, such as memory corruption and application crash, via a specially crafted MP4 file. **Recommendations** For Apple iOS versions prior to 10.2, update to version 10.2 or later to resolve the issue. For Apple macOS versions prior to 10.12.2, update to version 10.12.2 or later to resolve the issue. For Apple watchOS versions prior to 3.1.3, update to version 3.1.3 or later to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted MP4 files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.x through 4.4.3 Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 **Description** A remote code execution issue in libjpeg could allow an attacker to execute arbitrary code in the context of an unprivileged process by using a specially crafted file. This issue is considered High due to the possibility of remote code execution in an application that uses libjpeg. **Recommendations** For Android versions 4.x through 4.4.3, update to version 4.4.4 or later. For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** Apple QuickTime versions prior to 7.7.5 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted PSD image. This can lead to an application crash. **Recommendations** For versions prior to 7.7.5, update to version 7.7.5 or later to resolve the issue.