ID CVE-2015-3710
Summary Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
References
Vulnerable Configurations
  • Apple iPhone OS 8.3
    cpe:2.3:o:apple:iphone_os:8.3
  • Apple Mac OS X 10.10.3
    cpe:2.3:o:apple:mac_os_x:10.10.3
CVSS
Base: 4.3 (as of 07-07-2015 - 08:30)
Impact:
Exploitability:
CWE CWE-254
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2015-005.NASL
    description The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-005. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - afpserver - apache - AppleFSCompression - AppleGraphicsControl - AppleThunderboltEDMService - ATS - Bluetooth - Certificate Trust Policy - CFNetwork HTTPAuthentication - CoreText - coreTLS - DiskImages - Display Drivers - EFI - FontParser - Graphics Driver - ImageIO - Install Framework Legacy - Intel Graphics Driver - IOAcceleratorFamily - IOFireWireFamily - Kernel - kext tools - Mail - ntfs - ntp - OpenSSL - QuickTime - Security - Spotlight - SQLite - System Stats - TrueTypeScaler - zip Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 84489
    published 2015-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84489
    title Mac OS X Multiple Vulnerabilities (Security Update 2015-005) (GHOST) (Logjam)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_10_4.NASL
    description The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.4. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - afpserver - apache - AppleFSCompression - AppleGraphicsControl - AppleThunderboltEDMService - ATS - Bluetooth - Certificate Trust Policy - CFNetwork HTTPAuthentication - CoreText - coreTLS - DiskImages - Display Drivers - EFI - FontParser - Graphics Driver - ImageIO - Install Framework Legacy - Intel Graphics Driver - IOAcceleratorFamily - IOFireWireFamily - Kernel - kext tools - Mail - ntfs - ntp - OpenSSL - QuickTime - Security - Spotlight - SQLite - System Stats - TrueTypeScaler - zip Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 84488
    published 2015-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84488
    title Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam)
refmap via4
apple
  • APPLE-SA-2015-06-30-1
  • APPLE-SA-2015-06-30-2
bid 75491
confirm
sectrack 1032760
Last major update 28-11-2016 - 14:25
Published 02-07-2015 - 22:00
Last modified 21-09-2017 - 21:29
Back to Top