Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2015-AVI-534
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans Apple OS X. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
Title | Publication Time | Tags | |||
---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Apple OS X El Capitan versions ant\u00e9rieures \u00e0 10.11.2", "product": { "name": "N/A", "vendor": { "name": "Apple", "scada": false } } }, { "description": "OS X Yosemite versions ant\u00e9rieures \u00e0 Security Update 2015-008", "product": { "name": "N/A", "vendor": { "name": "Apple", "scada": false } } }, { "description": "OS X Mavericks versions ant\u00e9rieures \u00e0 Security Update 2015-008", "product": { "name": "N/A", "vendor": { "name": "Apple", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2015-7067", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7067" }, { "name": "CVE-2015-7001", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7001" }, { "name": "CVE-2015-7075", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7075" }, { "name": "CVE-2015-7076", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7076" }, { "name": "CVE-2015-6908", "url": "https://www.cve.org/CVERecord?id=CVE-2015-6908" }, { "name": "CVE-2015-7073", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7073" }, { "name": "CVE-2015-7094", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7094" }, { "name": "CVE-2015-7107", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7107" }, { "name": "CVE-2015-7039", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7039" }, { "name": "CVE-2015-7074", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7074" }, { "name": "CVE-2015-7060", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7060" }, { "name": "CVE-2015-7068", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7068" }, { "name": "CVE-2015-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3807" }, { "name": "CVE-2015-7110", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7110" }, { "name": "CVE-2015-7058", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7058" }, { "name": "CVE-2015-7062", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7062" }, { "name": "CVE-2015-7043", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7043" }, { "name": "CVE-2015-7066", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7066" }, { "name": "CVE-2015-7077", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7077" }, { "name": "CVE-2015-7042", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7042" }, { "name": "CVE-2015-7109", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7109" }, { "name": "CVE-2012-1148", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1148" }, { "name": "CVE-2012-0876", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0876" }, { "name": "CVE-2015-7105", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7105" }, { "name": "CVE-2015-7804", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7804" }, { "name": "CVE-2015-7106", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7106" }, { "name": "CVE-2015-7063", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7063" }, { "name": "CVE-2015-7081", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7081" }, { "name": "CVE-2015-7038", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7038" }, { "name": "CVE-2015-7061", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7061" }, { "name": "CVE-2015-7803", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7803" }, { "name": "CVE-2015-7053", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7053" }, { "name": "CVE-2015-7059", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7059" }, { "name": "CVE-2015-5333", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5333" }, { "name": "CVE-2015-7046", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7046" }, { "name": "CVE-2015-7064", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7064" }, { "name": "CVE-2015-7078", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7078" }, { "name": "CVE-2015-7083", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7083" }, { "name": "CVE-2015-7108", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7108" }, { "name": "CVE-2015-7084", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7084" }, { "name": "CVE-2015-7112", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7112" }, { "name": "CVE-2015-5334", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5334" }, { "name": "CVE-2015-7041", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7041" }, { "name": "CVE-2015-7044", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7044" }, { "name": "CVE-2015-7054", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7054" }, { "name": "CVE-2011-2895", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2895" }, { "name": "CVE-2015-7111", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7111" }, { "name": "CVE-2012-1147", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1147" }, { "name": "CVE-2015-7047", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7047" }, { "name": "CVE-2015-7065", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7065" }, { "name": "CVE-2015-7071", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7071" }, { "name": "CVE-2015-7045", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7045" }, { "name": "CVE-2015-7040", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7040" }, { "name": "CVE-2015-7052", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7052" } ], "initial_release_date": "2015-12-09T00:00:00", "last_revision_date": "2015-12-09T00:00:00", "links": [], "reference": "CERTFR-2015-AVI-534", "revisions": [ { "description": "version initiale.", "revision_date": "2015-12-09T00:00:00.000000" } ], "risks": [ { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "Ex\u00e9cution de code arbitraire" }, { "description": "Contournement de la politique de s\u00e9curit\u00e9" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple OS X\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nune ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple OS X", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Apple HT205637 du 08 d\u00e9cembre 2015", "url": "https://support.apple.com/en-us/HT205637" } ] }
CVE-2015-7042 (GCVE-0-2015-7042)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.324Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7042", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7042", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.324Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-2895 (GCVE-0-2011-2895)
Vulnerability from cvelistv5
Published
2011-08-19 17:00
Modified
2024-08-06 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:15:31.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "name": "RHSA-2011:1154", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html" }, { "name": "USN-1191-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1191-1" }, { "name": "[oss-security] 20110810 LZW decompression issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/10/10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760" }, { "name": "45544", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45544" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5130" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "MDVSA-2011:153", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153" }, { "name": "49124", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/49124" }, { "name": "45599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45599" }, { "name": "RHSA-2011:1155", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html" }, { "name": "1025920", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1025920" }, { "name": "openSUSE-SU-2011:1299", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SUSE-SU-2011:1035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html" }, { "name": "APPLE-SA-2012-02-01-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "name": "[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html" }, { "name": "46127", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/46127" }, { "name": "45986", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45986" }, { "name": "RHSA-2011:1161", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html" }, { "name": "RHSA-2011:1834", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17" }, { "name": "xorg-lzw-bo(69141)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "45568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45568" }, { "name": "[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "name": "NetBSD-SA2011-007", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5281" }, { "name": "APPLE-SA-2012-05-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "name": "DSA-2293", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2011/dsa-2293" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-08-10T00:00:00", "descriptions": [ { "lang": "en", "value": "The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "name": "RHSA-2011:1154", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html" }, { "name": "USN-1191-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1191-1" }, { "name": "[oss-security] 20110810 LZW decompression issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/10/10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760" }, { "name": "45544", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45544" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5130" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "MDVSA-2011:153", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153" }, { "name": "49124", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/49124" }, { "name": "45599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45599" }, { "name": "RHSA-2011:1155", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html" }, { "name": "1025920", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1025920" }, { "name": "openSUSE-SU-2011:1299", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SUSE-SU-2011:1035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html" }, { "name": "APPLE-SA-2012-02-01-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "name": "[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html" }, { "name": "46127", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/46127" }, { "name": "45986", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45986" }, { "name": "RHSA-2011:1161", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html" }, { "name": "RHSA-2011:1834", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17" }, { "name": "xorg-lzw-bo(69141)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "45568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45568" }, { "name": "[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "name": "NetBSD-SA2011-007", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5281" }, { "name": "APPLE-SA-2012-05-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "name": "DSA-2293", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2011/dsa-2293" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2895", "datePublished": "2011-08-19T17:00:00", "dateReserved": "2011-07-27T00:00:00", "dateUpdated": "2024-08-06T23:15:31.486Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7043 (GCVE-0-2015-7043)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.248Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7043", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7043", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.248Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7065 (GCVE-0-2015-7065)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.239Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7065", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7065", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.239Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7062 (GCVE-0-2015-7062)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7062", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7062", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7063 (GCVE-0-2015-7063)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.163Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7063", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7063", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.163Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7047 (GCVE-0-2015-7047)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.317Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "39371", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39371/" }, { "name": "39373", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39373/" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "39374", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39374/" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "name": "39375", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39375/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "39371", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39371/" }, { "name": "39373", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39373/" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "39374", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39374/" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "name": "39375", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39375/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7047", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "39371", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39371/" }, { "name": "39373", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39373/" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "39374", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39374/" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "name": "39375", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39375/" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7047", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.317Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-6908 (GCVE-0-2015-6908)
Vulnerability from cvelistv5
Published
2015-09-11 16:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:34.937Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "76714", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/76714" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.security-assessment.com/files/documents/advisory/OpenLDAP-ber_get_next-Denial-of-Service.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0255", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html" }, { "name": "SUSE-SU-2016:0224", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629" }, { "name": "DSA-3356", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3356" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "USN-2742-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2742-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240" }, { "name": "RHSA-2015:1840", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1840.html" }, { "name": "1033534", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1033534" }, { "name": "openSUSE-SU-2016:0261", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html" }, { "name": "SUSE-SU-2016:0262", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html" }, { "name": "openSUSE-SU-2016:0226", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-09-09T00:00:00", "descriptions": [ { "lang": "en", "value": "The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-20T16:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian" }, "references": [ { "name": "76714", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/76714" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.security-assessment.com/files/documents/advisory/OpenLDAP-ber_get_next-Denial-of-Service.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0255", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html" }, { "name": "SUSE-SU-2016:0224", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629" }, { "name": "DSA-3356", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3356" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "USN-2742-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2742-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240" }, { "name": "RHSA-2015:1840", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1840.html" }, { "name": "1033534", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1033534" }, { "name": "openSUSE-SU-2016:0261", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html" }, { "name": "SUSE-SU-2016:0262", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html" }, { "name": "openSUSE-SU-2016:0226", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@debian.org", "ID": "CVE-2015-6908", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "76714", "refsource": "BID", "url": "http://www.securityfocus.com/bid/76714" }, { "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "name": "http://www.security-assessment.com/files/documents/advisory/OpenLDAP-ber_get_next-Denial-of-Service.pdf", "refsource": "CONFIRM", "url": "http://www.security-assessment.com/files/documents/advisory/OpenLDAP-ber_get_next-Denial-of-Service.pdf" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0255", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html" }, { "name": "SUSE-SU-2016:0224", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html" }, { "name": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629", "refsource": "CONFIRM", "url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629" }, { "name": "DSA-3356", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3356" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "USN-2742-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2742-1" }, { "name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240", "refsource": "CONFIRM", "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240" }, { "name": "RHSA-2015:1840", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1840.html" }, { "name": "1033534", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033534" }, { "name": "openSUSE-SU-2016:0261", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html" }, { "name": "SUSE-SU-2016:0262", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html" }, { "name": "openSUSE-SU-2016:0226", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2015-6908", "datePublished": "2015-09-11T16:00:00", "dateReserved": "2015-09-11T00:00:00", "dateUpdated": "2024-08-06T07:36:34.937Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7041 (GCVE-0-2015-7041)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.183Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7041", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7041", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.183Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7074 (GCVE-0-2015-7074)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.267Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7074", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7074", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.267Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7105 (GCVE-0-2015-7105)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.358Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7105", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7105", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.358Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7108 (GCVE-0-2015-7108)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.421Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39372", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39372/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "39372", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39372/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7108", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "39372", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39372/" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7108", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.421Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7052 (GCVE-0-2015-7052)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.322Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7052", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7052", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.322Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7066 (GCVE-0-2015-7066)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.435Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7066", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7066", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.435Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7804 (GCVE-0-2015-7804)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:58:59.955Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0251", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" }, { "name": "DSA-3380", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3380" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SSA:2016-034-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720" }, { "name": "76959", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/76959" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1ddf72180a52d247db88ea42a3e35f824a8fbda1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.php.net/ChangeLog-5.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.php.net/bug.php?id=70433" }, { "name": "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/05/8" }, { "name": "USN-2786-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2786-1" }, { "name": "GLSA-201606-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0251", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" }, { "name": "DSA-3380", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3380" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SSA:2016-034-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720" }, { "name": "76959", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/76959" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1ddf72180a52d247db88ea42a3e35f824a8fbda1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.php.net/ChangeLog-5.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.php.net/bug.php?id=70433" }, { "name": "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/05/8" }, { "name": "USN-2786-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2786-1" }, { "name": "GLSA-201606-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-10" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7804", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0251", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" }, { "name": "DSA-3380", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3380" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SSA:2016-034-04", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720" }, { "name": "76959", "refsource": "BID", "url": "http://www.securityfocus.com/bid/76959" }, { "name": "http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1", "refsource": "CONFIRM", "url": "http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1" }, { "name": "http://www.php.net/ChangeLog-5.php", "refsource": "CONFIRM", "url": "http://www.php.net/ChangeLog-5.php" }, { "name": "https://bugs.php.net/bug.php?id=70433", "refsource": "CONFIRM", "url": "https://bugs.php.net/bug.php?id=70433" }, { "name": "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/05/8" }, { "name": "USN-2786-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2786-1" }, { "name": "GLSA-201606-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-10" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-7804", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-10-09T00:00:00", "dateUpdated": "2024-08-06T07:58:59.955Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7068 (GCVE-0-2015-7068)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.263Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7068", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7068", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.263Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7112 (GCVE-0-2015-7112)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.447Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7112", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7112", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.447Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7075 (GCVE-0-2015-7075)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7075", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7075", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.335Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-0876 (GCVE-0-2012-0876)
Vulnerability from cvelistv5
Published
2012-07-03 19:00
Modified
2024-08-06 18:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:38:15.063Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "49504", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/49504" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=3496608\u0026group_id=10127" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.tenable.com/security/tns-2016-20" }, { "name": "USN-1527-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1527-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.python.org/issue13703#msg151870" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "51040", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51040" }, { "name": "RHSA-2012:0731", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0731.html" }, { "name": "52379", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52379" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "name": "RHSA-2016:0062", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html" }, { "name": "APPLE-SA-2013-10-22-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "DSA-2525", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2525" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "name": "MDVSA-2012:041", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:041" }, { "name": "RHSA-2016:2957", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "name": "USN-1613-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "name": "[Expat-discuss] 20120304 Announcement: Expat 2.1.0 Beta can be tested", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html" }, { "name": "51024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51024" }, { "name": "USN-1613-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-04T00:00:00", "descriptions": [ { "lang": "en", "value": "The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-31T07:06:47", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "49504", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/49504" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=3496608\u0026group_id=10127" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.tenable.com/security/tns-2016-20" }, { "name": "USN-1527-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1527-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.python.org/issue13703#msg151870" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "51040", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51040" }, { "name": "RHSA-2012:0731", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0731.html" }, { "name": "52379", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52379" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "name": "RHSA-2016:0062", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html" }, { "name": "APPLE-SA-2013-10-22-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "DSA-2525", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2525" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "name": "MDVSA-2012:041", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:041" }, { "name": "RHSA-2016:2957", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "name": "USN-1613-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "name": "[Expat-discuss] 20120304 Announcement: Expat 2.1.0 Beta can be tested", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html" }, { "name": "51024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51024" }, { "name": "USN-1613-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-0876", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "49504", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49504" }, { "name": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=3496608\u0026group_id=10127", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=3496608\u0026group_id=10127" }, { "name": "https://www.tenable.com/security/tns-2016-20", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2016-20" }, { "name": "USN-1527-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1527-1" }, { "name": "http://bugs.python.org/issue13703#msg151870", "refsource": "MISC", "url": "http://bugs.python.org/issue13703#msg151870" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "51040", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51040" }, { "name": "RHSA-2012:0731", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2012-0731.html" }, { "name": "52379", "refsource": "BID", "url": "http://www.securityfocus.com/bid/52379" }, { "name": "http://sourceforge.net/projects/expat/files/expat/2.1.0/", "refsource": "CONFIRM", "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "name": "RHSA-2016:0062", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html" }, { "name": "APPLE-SA-2013-10-22-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "DSA-2525", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2525" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "name": "MDVSA-2012:041", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:041" }, { "name": "RHSA-2016:2957", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "name": "USN-1613-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "name": "[Expat-discuss] 20120304 Announcement: Expat 2.1.0 Beta can be tested", "refsource": "MLIST", "url": "http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html" }, { "name": "51024", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51024" }, { "name": "USN-1613-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-0876", "datePublished": "2012-07-03T19:00:00", "dateReserved": "2012-01-19T00:00:00", "dateUpdated": "2024-08-06T18:38:15.063Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5334 (GCVE-0-2015-5334)
Vulnerability from cvelistv5
Published
2020-01-23 19:56
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:09.546Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2015/Oct/75" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreSSL", "vendor": "LibreSSL", "versions": [ { "status": "affected", "version": "before 2.3.1" } ] } ], "datePublic": "2015-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-01-23T19:56:11", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://seclists.org/fulldisclosure/2015/Oct/75" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-5334", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreSSL", "version": { "version_data": [ { "version_value": "before 2.3.1" } ] } } ] }, "vendor_name": "LibreSSL" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Other" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html" }, { "name": "http://seclists.org/fulldisclosure/2015/Oct/75", "refsource": "MISC", "url": "http://seclists.org/fulldisclosure/2015/Oct/75" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded" }, { "name": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html" }, { "name": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt", "refsource": "MISC", "url": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5334", "datePublished": "2020-01-23T19:56:11", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:09.546Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7044 (GCVE-0-2015-7044)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root privileges.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.328Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7044", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7044", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.328Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7046 (GCVE-0-2015-7046)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.284Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7046", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7046", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.284Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7111 (GCVE-0-2015-7111)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.901Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7111", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7111", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.901Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7094 (GCVE-0-2015-7094)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7094", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7094", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7059 (GCVE-0-2015-7059)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.336Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7059", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7059", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.336Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7077 (GCVE-0-2015-7077)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.272Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "39368", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39368/" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "39368", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39368/" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7077", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "39368", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39368/" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7077", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.272Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7081 (GCVE-0-2015-7081)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.244Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7081", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7081", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.244Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7073 (GCVE-0-2015-7073)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.460Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7073", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7073", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.460Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7109 (GCVE-0-2015-7109)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.437Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7109", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7109", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.437Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7076 (GCVE-0-2015-7076)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.348Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7076", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7076", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.348Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7803 (GCVE-0-2015-7803)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:58:59.967Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0251", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.php.net/bug.php?id=69720" }, { "name": "DSA-3380", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3380" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SSA:2016-034-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720" }, { "name": "76959", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/76959" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d698f0ae51f67c9cce870b09c59df3d6ba959244" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.php.net/ChangeLog-5.php" }, { "name": "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/05/8" }, { "name": "openSUSE-SU-2016:0366", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html" }, { "name": "USN-2786-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2786-1" }, { "name": "SUSE-SU-2016:1145", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html" }, { "name": "GLSA-201606-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201606-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-01T00:00:00", "descriptions": [ { "lang": "en", "value": "The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0251", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.php.net/bug.php?id=69720" }, { "name": "DSA-3380", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3380" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SSA:2016-034-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720" }, { "name": "76959", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/76959" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d698f0ae51f67c9cce870b09c59df3d6ba959244" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.php.net/ChangeLog-5.php" }, { "name": "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/10/05/8" }, { "name": "openSUSE-SU-2016:0366", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html" }, { "name": "USN-2786-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2786-1" }, { "name": "SUSE-SU-2016:1145", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html" }, { "name": "GLSA-201606-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201606-10" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7803", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "openSUSE-SU-2016:0251", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" }, { "name": "https://bugs.php.net/bug.php?id=69720", "refsource": "CONFIRM", "url": "https://bugs.php.net/bug.php?id=69720" }, { "name": "DSA-3380", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3380" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SSA:2016-034-04", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720" }, { "name": "76959", "refsource": "BID", "url": "http://www.securityfocus.com/bid/76959" }, { "name": "http://git.php.net/?p=php-src.git;a=commit;h=d698f0ae51f67c9cce870b09c59df3d6ba959244", "refsource": "CONFIRM", "url": "http://git.php.net/?p=php-src.git;a=commit;h=d698f0ae51f67c9cce870b09c59df3d6ba959244" }, { "name": "http://www.php.net/ChangeLog-5.php", "refsource": "CONFIRM", "url": "http://www.php.net/ChangeLog-5.php" }, { "name": "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/05/8" }, { "name": "openSUSE-SU-2016:0366", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html" }, { "name": "USN-2786-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2786-1" }, { "name": "SUSE-SU-2016:1145", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html" }, { "name": "GLSA-201606-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-10" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-7803", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-10-09T00:00:00", "dateUpdated": "2024-08-06T07:58:59.967Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1147 (GCVE-0-2012-1147)
Vulnerability from cvelistv5
Published
2012-07-03 19:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
References
URL | Tags | ||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.392Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "52379", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52379" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14\u0026r2=1.15" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2895533\u0026group_id=10127\u0026atid=110127" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://trac.wxwidgets.org/ticket/11432" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://trac.wxwidgets.org/ticket/11194" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-09T00:00:00", "descriptions": [ { "lang": "en", "value": "readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "52379", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52379" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14\u0026r2=1.15" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2895533\u0026group_id=10127\u0026atid=110127" }, { "tags": [ "x_refsource_MISC" ], "url": "http://trac.wxwidgets.org/ticket/11432" }, { "tags": [ "x_refsource_MISC" ], "url": "http://trac.wxwidgets.org/ticket/11194" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-1147", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "52379", "refsource": "BID", "url": "http://www.securityfocus.com/bid/52379" }, { "name": "http://sourceforge.net/projects/expat/files/expat/2.1.0/", "refsource": "CONFIRM", "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "name": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14\u0026r2=1.15", "refsource": "CONFIRM", "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14\u0026r2=1.15" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "http://sourceforge.net/tracker/?func=detail\u0026aid=2895533\u0026group_id=10127\u0026atid=110127", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=2895533\u0026group_id=10127\u0026atid=110127" }, { "name": "http://trac.wxwidgets.org/ticket/11432", "refsource": "MISC", "url": "http://trac.wxwidgets.org/ticket/11432" }, { "name": "http://trac.wxwidgets.org/ticket/11194", "refsource": "MISC", "url": "http://trac.wxwidgets.org/ticket/11194" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1147", "datePublished": "2012-07-03T19:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.392Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7038 (GCVE-0-2015-7038)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.160Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7038", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7038", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.160Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7054 (GCVE-0-2015-7054)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.271Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7054", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7054", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.271Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7039 (GCVE-0-2015-7039)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.
References
URL | Tags | ||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.281Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "38917", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/38917/" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "38917", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/38917/" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7039", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "38917", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/38917/" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7039", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.281Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7061 (GCVE-0-2015-7061)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.176Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7061", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7061", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.176Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7071 (GCVE-0-2015-7071)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.272Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7071", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7071", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.272Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7078 (GCVE-0-2015-7078)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.292Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39370", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39370/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39370", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39370/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7078", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39370", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39370/" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7078", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.292Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5333 (GCVE-0-2015-5333)
Vulnerability from cvelistv5
Published
2020-01-23 20:12
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Leak
Summary
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:09.344Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreSSL", "vendor": "LibreSSL", "versions": [ { "status": "affected", "version": "before 2.3.1" } ] } ], "datePublic": "2015-10-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Leak", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-01-23T20:12:54", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-5333", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreSSL", "version": { "version_data": [ { "version_value": "before 2.3.1" } ] } } ] }, "vendor_name": "LibreSSL" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory Leak" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html" }, { "name": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt", "refsource": "CONFIRM", "url": "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded" }, { "name": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5333", "datePublished": "2020-01-23T20:12:54", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:09.344Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7083 (GCVE-0-2015-7083)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.426Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7083", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7083", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.426Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7053 (GCVE-0-2015-7053)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.256Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7053", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7053", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.256Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1148 (GCVE-0-2012-1148)
Vulnerability from cvelistv5
Published
2012-07-03 19:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.498Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "49504", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/49504" }, { "name": "USN-1527-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1527-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166\u0026r2=1.167" }, { "name": "51040", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51040" }, { "name": "RHSA-2012:0731", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0731.html" }, { "name": "52379", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52379" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "name": "RHSA-2016:0062", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "DSA-2525", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2525" }, { "name": "MDVSA-2012:041", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:041" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=2958794\u0026group_id=10127" }, { "name": "RHSA-2016:2957", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "name": "USN-1613-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "name": "51024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51024" }, { "name": "USN-1613-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1613-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "49504", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/49504" }, { "name": "USN-1527-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1527-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166\u0026r2=1.167" }, { "name": "51040", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51040" }, { "name": "RHSA-2012:0731", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0731.html" }, { "name": "52379", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52379" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "name": "RHSA-2016:0062", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "DSA-2525", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2525" }, { "name": "MDVSA-2012:041", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:041" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=2958794\u0026group_id=10127" }, { "name": "RHSA-2016:2957", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "name": "USN-1613-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "name": "51024", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51024" }, { "name": "USN-1613-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1613-1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-1148", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "49504", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49504" }, { "name": "USN-1527-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1527-1" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166\u0026r2=1.167", "refsource": "CONFIRM", "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166\u0026r2=1.167" }, { "name": "51040", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51040" }, { "name": "RHSA-2012:0731", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2012-0731.html" }, { "name": "52379", "refsource": "BID", "url": "http://www.securityfocus.com/bid/52379" }, { "name": "http://sourceforge.net/projects/expat/files/expat/2.1.0/", "refsource": "CONFIRM", "url": "http://sourceforge.net/projects/expat/files/expat/2.1.0/" }, { "name": "RHSA-2016:0062", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "DSA-2525", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2525" }, { "name": "MDVSA-2012:041", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:041" }, { "name": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=2958794\u0026group_id=10127", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/?func=detail\u0026atid=110127\u0026aid=2958794\u0026group_id=10127" }, { "name": "RHSA-2016:2957", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "name": "USN-1613-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "name": "51024", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51024" }, { "name": "USN-1613-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1613-1" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1148", "datePublished": "2012-07-03T19:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.498Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7067 (GCVE-0-2015-7067)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.428Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7067", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7067", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.428Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7106 (GCVE-0-2015-7106)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.879Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "39369", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39369/" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "39369", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39369/" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7106", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "39369", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39369/" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7106", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.879Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7060 (GCVE-0-2015-7060)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7060", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7060", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.280Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7084 (GCVE-0-2015-7084)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.540Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39357", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39357/" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "39366", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39366/" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39357", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39357/" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "39366", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39366/" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7084", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39357", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39357/" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "39366", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39366/" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7084", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.540Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7058 (GCVE-0-2015-7058)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.429Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7058", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7058", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.429Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7040 (GCVE-0-2015-7040)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.293Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7040", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7040", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.293Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7001 (GCVE-0-2015-7001)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.172Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7001", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7001", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.172Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-3807 (GCVE-0-2015-3807)
Vulnerability from cvelistv5
Published
2015-08-16 23:00
Modified
2024-08-06 05:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:56:15.757Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT205030" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "1033275", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1033275" }, { "name": "APPLE-SA-2015-08-13-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "APPLE-SA-2015-08-13-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT205031" }, { "name": "76343", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/76343" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-08-13T00:00:00", "descriptions": [ { "lang": "en", "value": "libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-22T18:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT205030" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "1033275", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1033275" }, { "name": "APPLE-SA-2015-08-13-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "APPLE-SA-2015-08-13-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT205031" }, { "name": "76343", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/76343" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-3807", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "https://support.apple.com/kb/HT205030", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT205030" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "1033275", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033275" }, { "name": "APPLE-SA-2015-08-13-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "name": "APPLE-SA-2015-08-13-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "https://support.apple.com/kb/HT205031", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT205031" }, { "name": "76343", "refsource": "BID", "url": "http://www.securityfocus.com/bid/76343" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-3807", "datePublished": "2015-08-16T23:00:00", "dateReserved": "2015-05-07T00:00:00", "dateUpdated": "2024-08-06T05:56:15.757Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7064 (GCVE-0-2015-7064)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.350Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7064", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "78719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78719" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "https://support.apple.com/HT205641", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205641" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7064", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.350Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7110 (GCVE-0-2015-7110)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
References
URL | Tags | |||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.890Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39365", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/39365/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39365", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/39365/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7110", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "39365", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39365/" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7110", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.890Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7045 (GCVE-0-2015-7045)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:36:35.176Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7045", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "https://support.apple.com/HT205640", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205640" }, { "name": "APPLE-SA-2015-12-08-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7045", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.176Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7107 (GCVE-0-2015-7107)
Vulnerability from cvelistv5
Published
2015-12-11 11:00
Modified
2024-08-06 07:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:43:44.438Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-08T00:00:00", "descriptions": [ { "lang": "en", "value": "QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-12T09:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-7107", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/HT205635", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205635" }, { "name": "https://support.apple.com/HT205637", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205637" }, { "name": "1034344", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034344" }, { "name": "APPLE-SA-2015-12-08-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "APPLE-SA-2015-12-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-7107", "datePublished": "2015-12-11T11:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:43:44.438Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…