CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017.

The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.

The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.

Notification Center in Apple iOS before 9.1 mishandles changes to “Show on Lock Screen” settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen soon after a setting was disabled.

The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app.

WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1.

CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.

The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app.

The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors.

The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors.