Hui Xue

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9 **Description** The issue exists due to insufficient input validation in the PluginKit component of the iOS operating system. This allows a remote attacker to bypass the app review process and install arbitrary extensions using a specially crafted enterprise app. **Recommendations** For Apple iOS versions prior to 9, update to version 9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9 **Description** The issue is related to insufficient access control in the SpringBoard component of the iOS operating system. This can be exploited by a remote attacker using a specially crafted application to spoof the dialog windows of arbitrary apps. **Recommendations** For versions prior to 9, update to a version 9 or later to resolve the issue. As a temporary workaround, consider restricting the installation of untrusted or third-party applications to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9 **Description** The issue is related to errors in security settings within the Application Store component. It allows remote attackers to cause a denial of service to an enterprise-signed app via a crafted ITMS URL. **Recommendations** For versions prior to 9, update to version 9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.4 **Description** The issue allows attackers to cause a denial of service, specifically an ID collision and launch outage, by utilizing a crafted universal provisioning profile app. This is due to the Application Store in Apple iOS not ensuring the uniqueness of bundle IDs. **Recommendations** For versions prior to 8.4, update to version 8.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.4 **Description** The issue allows attackers to cause a denial of service, specifically an ID collision and Watch launch outage, by using a crafted universal provisioning profile app. This is due to the MobileInstallation component not ensuring the uniqueness of Watch bundle IDs. **Recommendations** For versions prior to 8.4, update to version 8.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.3 **Description** The issue allows physically proximate attackers to discover passcodes by reading the lock screen during use of a Bluetooth keyboard, specifically exploiting the QuickType feature in the Keyboards subsystem. **Recommendations** For versions prior to 8.3, update to version 8.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** libnetcore in Apple iOS versions prior to 8.3 libnetcore in Apple OS X versions prior to 10.10.3 libnetcore in Apple TV versions prior to 7.2 **Description** The issue allows attackers to cause a denial of service, resulting in memory corruption and application crash, via a crafted configuration profile. **Recommendations** For Apple iOS versions prior to 8.3, update to version 8.3 or later. For Apple OS X versions prior to 10.10.3, update to version 10.10.3 or later. For Apple TV versions prior to 7.2, update to version 7.2 or later.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10.3 **Description** The issue is related to a type confusion problem in LaunchServices, allowing local users to gain privileges via a crafted localized string. **Recommendations** For Apple OS X versions prior to 10.10.3, update to version 10.10.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.1.3 **Description** The issue concerns the app-installation functionality in MobileInstallation, allowing attackers to gain control of the local app container. This can be achieved by leveraging access to an enterprise distribution certificate for signing a crafted app. **Recommendations** For versions prior to 8.1.3, update to version 8.1.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 7.1 **Description** The issue allows attackers to conduct user-action monitoring attacks against arbitrary apps via a crafted app that accesses an IOKit framework interface. **Recommendations** For versions prior to 7.1, update to version 7.1 or later to resolve the issue.