Total vulnerabilities in the database
libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type.
| Software | From | Fixed in |
|---|---|---|
| apple / mac_os_x | - | 10.10.1.x |
| apple / iphone_os | - | 8.1.2.x |
| apple / tvos | - | 7.0.1.x |