发布时间:2016-11-07 10:26:29浏览次数: 次点赞数: 漏洞类别:Local漏洞等级: 
漏洞信息
Apple Xcode is a development application for Macintosh OS X.
A vulnerable version of Xcode was found on the target host.
The update resolves the following security issues:
- A register allocation issue existed in clang which sometimes led to stack cookie pointers being stored on the stack itself
- An integer overflow issue existed in the simulator that could lead to conversions returning unexpected values.
漏洞危害
Successful exploits could allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in denial-of-service.
解决方案
Apple Xcode v6.3 has been released to address these issues. The update can be downloaded and installed via Apple Developer.
Refer to Apple Security Update APPLE-SA-2015-04-08-5 for more information on these vulnerabilities.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论