<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Sun May 28 06:35:58 2017 +0000 zdi@hp.com (Author) Tippingpoint, all rights reserved ZDI Bird Feeder en http://blogs.law.harvard.edu/tech/rss <![CDATA[ZDI-17-365: Hewlett Packard Enterprise Cloud Optimizer DownloadServlet Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/KJbk095t0Jo/ This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Cloud Optimizer. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/KJbk095t0Jo" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-365/ <![CDATA[ZDI-17-364: (Pwn2Own) Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/HIIExcwpBPM/ This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/HIIExcwpBPM" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-364/ <![CDATA[ZDI-17-363: (Pwn2Own) Apple macOS AppleMultitouchDevice Uninitialized Memory Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/4go6n2K4O08/ This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/4go6n2K4O08" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-363/ <![CDATA[ZDI-17-362: (Pwn2Own) Apple Safari ProcessingInstruction Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/3j_ON30KBrU/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/3j_ON30KBrU" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-362/ <![CDATA[ZDI-17-361: (Pwn2Own) Apple Safari WebGLRenderingContextBase drawElements Out-Of-Bounds Read Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/fxeGVKN-pBA/ This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/fxeGVKN-pBA" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-361/ <![CDATA[ZDI-17-360: (Pwn2Own) Apple Safari WebSQL Type Confusion Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/bi8BxQ_Umd4/ This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/bi8BxQ_Umd4" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-360/ <![CDATA[ZDI-17-359: (Pwn2Own) Apple macOS smbfs Out-Of-Bounds Access Privilege Escalation Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/_TINsAldLqc/ This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/_TINsAldLqc" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-359/ <![CDATA[ZDI-17-358: (Pwn2Own) Apple Safari Spread Operator Integer Overflow Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/QAHAuTd8JTc/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/QAHAuTd8JTc" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-358/ <![CDATA[ZDI-17-357: (Pwn2Own) Apple macOS diskarbitrationd Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/JOnRr7f4XoQ/ This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/JOnRr7f4XoQ" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-357/ <![CDATA[ZDI-17-356: (Pwn2Own) Apple macOS authd Privilege Escalation Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/EqKjafZIJAQ/ This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/EqKjafZIJAQ" height="1" width="1" alt=""/> Thu, 18 May 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-356/