Thomas Dullien

**Name of the Vulnerable Software and Affected Versions** LibTIFF versions 3.9.3 through 4.0.9 **Description** The issue is related to the JBIGDecode function in the LibTIFF library, which decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size. This leads to an out-of-bounds write in the tif jbig.c JBIGDecode function. The exploitation of this issue may allow an attacker to cause a denial of service or execute arbitrary code using specially crafted image files. **Recommendations** For LibTIFF versions 3.9.3 through 4.0.9, consider disabling the JBIG functionality until a patch is available. As a temporary workaround, restrict the use of the JBIGDecode function in the tif jbig.c file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apple Mac EFI versions before 2015-001 OS X versions prior to 10.10.4 **Description** The issue is related to the improper setting of refresh rates for DDR3 RAM, which could facilitate row-hammer attacks. This might allow remote attackers to gain privileges or cause a denial of service due to memory corruption by triggering specific patterns of access to memory locations. **Recommendations** For Apple Mac EFI versions before 2015-001, update to version 2015-001 or later. For OS X versions prior to 10.10.4, update to OS X 10.10.4 or later.