Luca Todesco

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9.2 **Description** The issue is related to errors in the code of the Mobile Replayer component in the GPUTools Framework. It allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname. **Recommendations** For versions prior to 9.2, update to version 9.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9.2 **Description** The issue is related to errors in the code of the Mobile Replayer component in the GPUTools Framework. It allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname. **Recommendations** For versions prior to 9.2, update to iOS version 9.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9.1 Apple OS X versions prior to 10.11.1 Apple watchOS versions prior to 2.0.1 **Description** The issue allows attackers to execute arbitrary code in a privileged context or cause a denial of service due to memory corruption via a crafted app. **Recommendations** For Apple iOS versions prior to 9.1, update to version 9.1 or later. For Apple OS X versions prior to 10.11.1, update to version 10.11.1 or later. For Apple watchOS versions prior to 2.0.1, update to version 2.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.1 **Description** The issue allows local users to cause a denial of service, resulting in an application crash, by utilizing crafted bookmark metadata in a folder. **Recommendations** For Apple OS X versions prior to 10.11.1, update to version 10.11.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.1 **Description** The issue allows local users to gain privileges by leveraging an unspecified type confusion during Mach task processing. **Recommendations** For Apple OS X versions prior to 10.11.1, update to version 10.11.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11 **Description** The issue is related to the IOGraphics component in Apple OS X, which lacks protection of internal data. This allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Exploitation of the issue may enable a remote attacker to access protected information in kernel memory using a specially formed application. **Recommendations** For versions prior to 10.11, update to version 10.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9 **Description** The issue is caused by a buffer overflow in the Disk Images component of the iOS operating system. This can be exploited by a local attacker to gain elevated privileges or cause a denial of service, resulting in memory corruption. **Recommendations** For versions prior to 9, update to version 9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10.3 **Description** The issue is related to a buffer overflow in the IOHIDFamily component of Apple OS X, allowing local users to gain privileges. Additionally, there are reports of a heap buffer overflow in the IOHIDSecurePromptClient and an untrusted pointer dereference, which can lead to arbitrary code execution. **Recommendations** For versions prior to 10.10.3, update to version 10.10.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the IOHIDFamily component and the IOHIDSecurePromptClient until a patch is applied. Avoid using the affected `IOHIDSecurePromptClient` function in sensitive operations until the issue is resolved.