Yubin Fu

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.6 **Description** The issue allows attackers to gain privileges via a crafted app that leverages a type confusion in the Login Window. This type confusion exists in the WindowServer, specifically affecting the ` XSetApplicationBindingsForWorkspaces` and ` XSetDictionaryForCurrentSession` functions. **Recommendations** For Apple OS X versions prior to 10.11.6, update to version 10.11.6 or later to resolve the issue. As a temporary workaround, consider restricting the execution of crafted apps that could leverage the type confusion in the WindowServer.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.6 **Description** The issue is related to insufficient access control in the CoreGraphics component, allowing local users to obtain sensitive information from kernel memory, gain privileges, or cause a denial of service through an out-of-bounds read via unspecified vectors. **Recommendations** For Apple OS X versions prior to 10.11.6, update to version 10.11.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the CoreGraphics component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.6 **Description** The issue is related to the Login Window in Apple OS X, where it does not properly initialize memory. This allows local users to cause a denial of service via unspecified vectors. The problem is also described as a WindowServer Memory Corruption Privilege Escalation issue. **Recommendations** For versions prior to 10.11.6, update to version 10.11.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Login Window to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.6 **Description** The issue allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service due to memory corruption via a crafted app. It is related to a heap-buffer overflow and memory corruption in the WindowServer, specifically in the XRegisterCursorWithData function. **Recommendations** For Apple OS X versions prior to 10.11.6, update to version 10.11.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the WindowServer to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.6 **Description** The issue allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a type confusion in the Login Window. **Recommendations** For versions prior to 10.11.6, update to version 10.11.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.5 **Description** The issue is related to a buffer overflow in the Multi-Touch subsystem of the operating system, which can be exploited by a remote attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) using a specially crafted application. **Recommendations** For Apple OS X versions prior to 10.11.5, update to version 10.11.5 or later to resolve the issue.