Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Apple产品configd组件基于堆的缓冲区溢出漏洞
Vulnerability Description
Apple iOS、OS X和watchOS都是美国苹果(Apple)公司的产品。Apple iOS是为移动设备所开发的一套操作系统;OS X是为Mac计算机所开发的一套专用操作系统;watchOS是一套智能手表操作系统。configd是其中的一个系统配置守护进程组件。 多款Apple产品的configd组件中的DNS客户端库中存在基于堆的缓冲区溢出漏洞。攻击者可借助向客户端发送伪造的configd响应的应用程序利用该漏洞执行任意代码。以下产品及版本受到影响:Apple iOS 9.1之前版本,OS X
CVSS Information
N/A
Vulnerability Type
N/A