Jonathan Zdziarski

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9 **Description** The issue is related to the checkint division routines in the removefile function, which can be exploited to cause a denial of service. This can lead to an overflow fault and app crash via crafted data. The vulnerability is caused by a buffer overflow in the removefile function of the iOS operating system. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service using specially crafted data. **Recommendations** For versions prior to 9, update to iOS version 9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** OS X versions prior to 10.10.5 **Description** The issue is related to the Notification Center in OS X, which does not properly remove dismissed notifications. This allows attackers to read arbitrary notifications via a crafted app. The vulnerability is associated with a lack of protection for service data, and its exploitation can enable a remote attacker to read arbitrary notifications using a specially formed application. **Recommendations** For OS X versions prior to 10.10.5, update to version 10.10.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.1 **Description** The issue relies on the hardware UID for its encryption key, making it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID. **Recommendations** For versions prior to 8.1, update to version 8.1 or later to resolve the issue.