Teddy Reed

**Name of the Vulnerable Software and Affected Versions** U-Boot (affected versions not specified) **Description** The issue is related to improper input validation in Verified boot signature validation, which can lead to bypassing verified boot. This can be exploited through specially crafted FIT images and specific device memory functionality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QuickTime (affected versions not specified) **Description** The issue is caused by a buffer overflow in the QuickTime multimedia package. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service using a specially crafted file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IOKit in Apple iOS versions prior to 8.4.1 IOKit in Apple OS X versions prior to 10.10.5 **Description** The issue allows attackers to execute arbitrary code in a privileged context or cause a denial of service, resulting in memory corruption and application crash, via a malformed plist. It is caused by a buffer overflow in dynamic memory. Exploitation of the issue may allow a remote attacker to execute arbitrary code in a privileged context or cause a denial of service using a corrupted PLIST file. **Recommendations** For iOS versions prior to 8.4.1, update to version 8.4.1 or later. For OS X versions prior to 10.10.5, update to version 10.10.5 or later.