var-201503-0091
Vulnerability from variot
Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637. This case "FREAK" Vulnerability related to the problem. This vulnerability CVE-2015-0204 and CVE-2015-1637 Is a different vulnerability.Skillfully crafted by a third party TLS Through traffic EXPORT_RSA A cipher suite downgrade attack may be performed on the cipher. SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. Man-in-the-middle attacks against such software (man-in-the-middle attack) Is performed, the key used for encryption is decrypted, SSL/TLS The traffic content may be decrypted. this is" FREAK It is also called “attack”. Algorithm downgrade (CWE-757) CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') https://cwe.mitre.org/data/definitions/757.html Incorrect cipher strength (CWE-326) CWE-326: Inadequate Encryption Strength https://cwe.mitre.org/data/definitions/326.html SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. If a man-in-the-middle attack is performed on such software, it is guided to use a weak key in the negotiation at the start of communication, and as a result, encrypted information may be decrypted. The discoverer has released detailed information about this matter. FREAK: Factoring RSA Export Keys https://www.smacktls.com/#freakMan-in-the-middle attacks (man-in-the-middle attack) By SSL/TLS The contents of the communication may be decrypted. Apple iOS, Mac Os X, and TV are prone to a security-bypass vulnerability. Successfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. in the United States. A security vulnerability exists in the Secure Transport of several Apple products. The vulnerability is caused by the program not properly restricting the transition of TLS state. The following products and versions are affected: Apple iOS versions prior to 8.2, Apple OS X versions prior to 10.10.2, and Apple TV versions prior to 7.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2015-05-19-1 Watch OS 1.0.1
Watch OS 1.0.1 is now available and addresses the following:
Certificate Trust Policy Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/kb/204873
FontParser Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-1093 : Marc Schoenefeld
Foundation Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An application using NSXMLParser may be misused to disclose information Description: An XML External Entity issue existed in NSXMLParser's handling of XML. This issue was addressed by not loading external entities across origins. CVE-ID CVE-2015-1092 : Ikuya Fukumoto
IOHIDFamily Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in IOHIDFamily that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-1096 : Ilja van Sprundel of IOActive
IOAcceleratorFamily Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in IOAcceleratorFamily that led to the disclosure of kernel memory content. This issue was addressed by removing unneeded code. CVE-ID CVE-2015-1094 : Cererdlong of Alibaba Mobile Security Team
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to cause a system denial of service Description: A race condition existed in the kernel's setreuid system call. This issue was addressed through improved state management. CVE-ID CVE-2015-1099 : Mark Mentovai of Google Inc.
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An attacker with a privileged network position may be able to redirect user traffic to arbitrary hosts Description: ICMP redirects were enabled by default. This issue was addressed by disabling ICMP redirects. CVE-ID CVE-2015-1103 : Zimperium Mobile Security Labs
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A remote attacker may be able to cause a denial of service Description: A state inconsistency issue existed in the handling of TCP out of band data. This issue was addressed through improved state management. CVE-ID CVE-2015-1105 : Kenton Varda of Sandstorm.io
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may escalate privileges using a compromised service intended to run with reduced privileges Description: setreuid and setregid system calls failed to drop privileges permanently. This issue was addressed by correctly dropping privileges. CVE-ID CVE-2015-1117 : Mark Mentovai of Google Inc.
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A remote attacker may be able to bypass network filters Description: The system would treat some IPv6 packets from remote network interfaces as local packets. The issue was addressed by rejecting these packets. CVE-ID CVE-2015-1104 : Stephen Roettger of the Google Security Team
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An attacker with a privileged network position may be able to cause a denial of service Description: A state inconsistency existed in the processing of TCP headers. This issue was addressed through improved state handling. CVE-ID CVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to cause unexpected system termination or read kernel memory Description: An out of bounds memory access issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-1100 : Maxime Villard of m00nbsd
Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-1101 : lokihardt@ASRT working with HP's Zero Day Initiative
Secure Transport Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: Secure Transport accepted short ephemeral RSA keys, usually used only in export-strength RSA cipher suites, on connections using full-strength RSA cipher suites. This issue, also known as FREAK, only affected connections to servers which support export-strength RSA cipher suites, and was addressed by removing support for ephemeral RSA keys. CVE-ID CVE-2015-1067 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of Prosecco at Inria Paris
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJVW38oAAoJEBcWfLTuOo7tXpIP/3v/tqCIVXg28xQpAK2vRVtw S3clbM17RBsJ1b239DmGUdRNNCVimQCHk1dQ4M3szrXx73VjWroh1hSq2+hObL65 FGa4jYbns7OGbTr9YZW/fScJ9mnAuG1nDHcNLL8W2DyFuxNEJsCB668QPdTTMOoO Xpx8jZUZyXIyX2V3Ch1qasXsSV0IwSA5GPg5IFFFuaNXGC62AXx49UmFTtjBCs4w bvTRPKKBowuP80zmIaxlWpGXhTIe8TwjCDGSejk5kdddcqjXe1yzA1UPM+uBTHZK 7xOX55CctqT2LkO4ND6EWaaPUozDJtEoUf+pFjnJmZxNd6BHPx86KbkUw3lcBXso xZplhgaFlaA4UTxMLFJONId0DYtyXH7CLOYW9BKjyzMMo0YZHdt/2CQ1HQKfzQ9m bT+MT/wdFcgCjr90GLG9OFLCwf5h8bAHRtpvhWrV78ek6V92GuwjZUA8x18avNQO 1th8l49j+JN+OcVv0bvmxVSQpFurTfVRAxZ9lTq4VDdqZanwbvP6INOB8wxhKNbK 8phc4Amh8TwFf2esdmMWawWWAqxXL1+2D+MWxR+C8Hm4CWyxYvKhvHacM20IDTfF 6exVyn4D9FhnT16ggkF6qH9vOOrQk3msHmxdC3fdE4dRhR8W7xRbuNEMXn3CyP6f ssKTqTcaARrUZzOjyx2Z =HMct -----END PGP SIGNATURE----- . CVE-ID CVE-2015-1063 : Roman Digerberg, Sweden
iCloud Keychain Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. CVE-ID CVE-2015-1061 : Ian Beer of Google Project Zero
MobileStorageMounter Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to create folders in trusted locations in the file system Description: An issue existed in the developer disk mounting logic which resulted in invalid disk image folders not being deleted. CVE-ID CVE-2015-1067 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of Prosecco at Inria Paris
Springboard Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to see the home screen of the device even if the device is not activated Description: An unexpected application termination during activation could have caused the device to show the home screen. CVE-ID CVE-2015-1064
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "8.2". CVE-ID CVE-2015-1061 : Ian Beer of Google Project Zero
Kernel Available for: OS X Yosemite v10.10.2 Impact: Maliciously crafted or compromised applications may be able to determine addresses in the kernel Description: The mach_port_kobject kernel interface leaked kernel addresses and heap permutation value, which may aid in bypassing address space layout randomization protection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0091",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "capssuite",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v4 to v5.1"
},
{
"model": "csview",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "/faq navigator"
},
{
"model": "csview",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "/web questionnaire"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "ver6.0 to ver8.0"
},
{
"model": "enterpriseidentitymanager",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "infocage",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "security risk management v1.0.2 to v2.1.4"
},
{
"model": "istorage",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "a series"
},
{
"model": "istorage",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "d series"
},
{
"model": "istorage",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "e series"
},
{
"model": "istorage",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "hs series"
},
{
"model": "istorage",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "m series (nas including options )"
},
{
"model": "istorage",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "s series"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "ver3.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "ver3.01"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "ver3.02"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "ver3.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "standard edition v4.2 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "standard-j edition v4.1 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "standard edition v7.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "standard v8.2 to v9.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "standard-j edition v7.1 to v8.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "webotx sip application server",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "standard edition v7.1 to v8.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "application navigator v3.1.0.x to v4.1.0.x"
},
{
"model": "websam",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "jobcenter cl/web r13.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 1.6,
"vendor": "nec",
"version": "jobcenter cl/web r13.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.4,
"vendor": "apple",
"version": "10.10.2"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.2"
},
{
"model": "tvos",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "research in motion rim",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "tv",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.1 (apple tv first 3 after generation )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "8.2 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "8.2 (iphone 4s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "8.2 (ipod touch first 5 after generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "1.0.1 (apple watch edition)"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "1.0.1 (apple watch sport)"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "1.0.1 (apple watch)"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "BID",
"id": "73009"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
},
{
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:watchos",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:capssuite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:csview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterprise_directoryserver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterpriseidentitymanager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:express5800",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:infocage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_sr100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:istorage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:secureware_pki_application_development_kit",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_enterprise_service_bus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_sip_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:websam",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "130742"
},
{
"db": "PACKETSTORM",
"id": "131932"
},
{
"db": "PACKETSTORM",
"id": "130741"
},
{
"db": "PACKETSTORM",
"id": "130743"
}
],
"trust": 0.4
},
"cve": "CVE-2015-1067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-1067",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-1067",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 7.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2015-001672",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-79027",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-1067",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-1067",
"trust": 0.8,
"value": "Medium"
},
{
"author": "IPA",
"id": "JVNDB-2015-001672",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-235",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-79027",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79027"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
},
{
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the \"FREAK\" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637. This case \"FREAK\" Vulnerability related to the problem. This vulnerability CVE-2015-0204 and CVE-2015-1637 Is a different vulnerability.Skillfully crafted by a third party TLS Through traffic EXPORT_RSA A cipher suite downgrade attack may be performed on the cipher. SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. Man-in-the-middle attacks against such software (man-in-the-middle attack) Is performed, the key used for encryption is decrypted, SSL/TLS The traffic content may be decrypted. this is\" FREAK It is also called \u201cattack\u201d. Algorithm downgrade (CWE-757) CWE-757: Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027) https://cwe.mitre.org/data/definitions/757.html Incorrect cipher strength (CWE-326) CWE-326: Inadequate Encryption Strength https://cwe.mitre.org/data/definitions/326.html SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. If a man-in-the-middle attack is performed on such software, it is guided to use a weak key in the negotiation at the start of communication, and as a result, encrypted information may be decrypted. The discoverer has released detailed information about this matter. FREAK: Factoring RSA Export Keys https://www.smacktls.com/#freakMan-in-the-middle attacks (man-in-the-middle attack) By SSL/TLS The contents of the communication may be decrypted. Apple iOS, Mac Os X, and TV are prone to a security-bypass vulnerability. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. in the United States. A security vulnerability exists in the Secure Transport of several Apple products. The vulnerability is caused by the program not properly restricting the transition of TLS state. The following products and versions are affected: Apple iOS versions prior to 8.2, Apple OS X versions prior to 10.10.2, and Apple TV versions prior to 7.1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2015-05-19-1 Watch OS 1.0.1\n\nWatch OS 1.0.1 is now available and addresses the following:\n\nCertificate Trust Policy\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: Update to the certificate trust policy\nDescription: The certificate trust policy was updated. The complete\nlist of certificates may be viewed at\nhttps://support.apple.com/kb/204873\n\nFontParser\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-1093 : Marc Schoenefeld\n\nFoundation\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: An application using NSXMLParser may be misused to disclose\ninformation\nDescription: An XML External Entity issue existed in NSXMLParser\u0027s\nhandling of XML. This issue was addressed by not loading external\nentities across origins. \nCVE-ID\nCVE-2015-1092 : Ikuya Fukumoto\n\nIOHIDFamily\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in IOHIDFamily that led to the\ndisclosure of kernel memory content. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-1096 : Ilja van Sprundel of IOActive\n\nIOAcceleratorFamily\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in IOAcceleratorFamily that led to the\ndisclosure of kernel memory content. This issue was addressed by\nremoving unneeded code. \nCVE-ID\nCVE-2015-1094 : Cererdlong of Alibaba Mobile Security Team\n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A malicious application may be able to cause a system denial\nof service\nDescription: A race condition existed in the kernel\u0027s setreuid\nsystem call. This issue was addressed through improved state\nmanagement. \nCVE-ID\nCVE-2015-1099 : Mark Mentovai of Google Inc. \n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: An attacker with a privileged network position may be able\nto redirect user traffic to arbitrary hosts\nDescription: ICMP redirects were enabled by default. This issue was\naddressed by disabling ICMP redirects. \nCVE-ID\nCVE-2015-1103 : Zimperium Mobile Security Labs\n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A state inconsistency issue existed in the handling of\nTCP out of band data. This issue was addressed through improved state\nmanagement. \nCVE-ID\nCVE-2015-1105 : Kenton Varda of Sandstorm.io\n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A malicious application may escalate privileges using a\ncompromised service intended to run with reduced privileges\nDescription: setreuid and setregid system calls failed to drop\nprivileges permanently. This issue was addressed by correctly\ndropping privileges. \nCVE-ID\nCVE-2015-1117 : Mark Mentovai of Google Inc. \n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A remote attacker may be able to bypass network filters\nDescription: The system would treat some IPv6 packets from remote\nnetwork interfaces as local packets. The issue was addressed by\nrejecting these packets. \nCVE-ID\nCVE-2015-1104 : Stephen Roettger of the Google Security Team\n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: An attacker with a privileged network position may be able\nto cause a denial of service\nDescription: A state inconsistency existed in the processing of TCP\nheaders. This issue was addressed through improved state handling. \nCVE-ID\nCVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab\n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A malicious application may be able to cause unexpected\nsystem termination or read kernel memory\nDescription: An out of bounds memory access issue existed in the\nkernel. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-1100 : Maxime Villard of m00nbsd\n\nKernel\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-1101 : lokihardt@ASRT working with HP\u0027s Zero Day Initiative\n\nSecure Transport\nAvailable for: Apple Watch Sport, Apple Watch,\nand Apple Watch Edition\nImpact: An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription: Secure Transport accepted short ephemeral RSA keys,\nusually used only in export-strength RSA cipher suites, on\nconnections using full-strength RSA cipher suites. This issue, also\nknown as FREAK, only affected connections to servers which support\nexport-strength RSA cipher suites, and was addressed by removing\nsupport for ephemeral RSA keys. \nCVE-ID\nCVE-2015-1067 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine\nDelignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of\nProsecco at Inria Paris\n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/en-us/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". \n\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJVW38oAAoJEBcWfLTuOo7tXpIP/3v/tqCIVXg28xQpAK2vRVtw\nS3clbM17RBsJ1b239DmGUdRNNCVimQCHk1dQ4M3szrXx73VjWroh1hSq2+hObL65\nFGa4jYbns7OGbTr9YZW/fScJ9mnAuG1nDHcNLL8W2DyFuxNEJsCB668QPdTTMOoO\nXpx8jZUZyXIyX2V3Ch1qasXsSV0IwSA5GPg5IFFFuaNXGC62AXx49UmFTtjBCs4w\nbvTRPKKBowuP80zmIaxlWpGXhTIe8TwjCDGSejk5kdddcqjXe1yzA1UPM+uBTHZK\n7xOX55CctqT2LkO4ND6EWaaPUozDJtEoUf+pFjnJmZxNd6BHPx86KbkUw3lcBXso\nxZplhgaFlaA4UTxMLFJONId0DYtyXH7CLOYW9BKjyzMMo0YZHdt/2CQ1HQKfzQ9m\nbT+MT/wdFcgCjr90GLG9OFLCwf5h8bAHRtpvhWrV78ek6V92GuwjZUA8x18avNQO\n1th8l49j+JN+OcVv0bvmxVSQpFurTfVRAxZ9lTq4VDdqZanwbvP6INOB8wxhKNbK\n8phc4Amh8TwFf2esdmMWawWWAqxXL1+2D+MWxR+C8Hm4CWyxYvKhvHacM20IDTfF\n6exVyn4D9FhnT16ggkF6qH9vOOrQk3msHmxdC3fdE4dRhR8W7xRbuNEMXn3CyP6f\nssKTqTcaARrUZzOjyx2Z\n=HMct\n-----END PGP SIGNATURE-----\n. \nCVE-ID\nCVE-2015-1063 : Roman Digerberg, Sweden\n\niCloud Keychain\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker with a privileged network position may be able\nto execute arbitrary code\nDescription: Multiple buffer overflows existed in the handling of\ndata during iCloud Keychain recovery. \nCVE-ID\nCVE-2015-1061 : Ian Beer of Google Project Zero\n\nMobileStorageMounter\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious application may be able to create folders in\ntrusted locations in the file system\nDescription: An issue existed in the developer disk mounting logic\nwhich resulted in invalid disk image folders not being deleted. \nCVE-ID\nCVE-2015-1067 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine\nDelignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of\nProsecco at Inria Paris\n\nSpringboard\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to the device may be able to\nsee the home screen of the device even if the device is not activated\nDescription: An unexpected application termination during activation\ncould have caused the device to show the home screen. \nCVE-ID\nCVE-2015-1064\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"8.2\". \nCVE-ID\nCVE-2015-1061 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X Yosemite v10.10.2\nImpact: Maliciously crafted or compromised applications may be able\nto determine addresses in the kernel\nDescription: The mach_port_kobject kernel interface leaked kernel\naddresses and heap permutation value, which may aid in bypassing\naddress space layout randomization protection",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1067"
},
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "BID",
"id": "73009"
},
{
"db": "VULHUB",
"id": "VHN-79027"
},
{
"db": "PACKETSTORM",
"id": "130742"
},
{
"db": "PACKETSTORM",
"id": "131932"
},
{
"db": "PACKETSTORM",
"id": "130741"
},
{
"db": "PACKETSTORM",
"id": "130743"
}
],
"trust": 3.78
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-1067",
"trust": 3.2
},
{
"db": "CERT/CC",
"id": "VU#243585",
"trust": 2.4
},
{
"db": "BID",
"id": "73009",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1031830",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1031829",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU99125992",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU93832567",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90171154",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201503-235",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "131932",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-79027",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130742",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130741",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130743",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "VULHUB",
"id": "VHN-79027"
},
{
"db": "BID",
"id": "73009"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "PACKETSTORM",
"id": "130742"
},
{
"db": "PACKETSTORM",
"id": "131932"
},
{
"db": "PACKETSTORM",
"id": "130741"
},
{
"db": "PACKETSTORM",
"id": "130743"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
},
{
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"id": "VAR-201503-0091",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-79027"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:39:18.903000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
"trust": 1.6,
"url": "http://jvn.jp/vu/JVNVU99125992/522154/index.html"
},
{
"title": "NV15-016",
"trust": 1.6,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-016.html"
},
{
"title": "APPLE-SA-2015-03-09-1 iOS 8.2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00000.html"
},
{
"title": "APPLE-SA-2015-03-09-2 AppleTV 7.1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00001.html"
},
{
"title": "APPLE-SA-2015-03-09-3 Security Update 2015-002",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00002.html"
},
{
"title": "APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"title": "APPLE-SA-2015-05-19-1 Watch OS 1.0.1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/May/msg00001.html"
},
{
"title": "HT204423",
"trust": 0.8,
"url": "http://support.apple.com/en-us/HT204423"
},
{
"title": "HT204413",
"trust": 0.8,
"url": "http://support.apple.com/en-us/HT204413"
},
{
"title": "HT204659",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT204659"
},
{
"title": "HT204426",
"trust": 0.8,
"url": "http://support.apple.com/en-us/HT204426"
},
{
"title": "HT204870",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT204870"
},
{
"title": "HT204870",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT204870"
},
{
"title": "HT204659",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT204659"
},
{
"title": "HT204423",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT204423"
},
{
"title": "HT204413",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT204413"
},
{
"title": "HT204426",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT204426"
},
{
"title": "[08 Jan 2015]",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"title": "3046015",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/3046015"
},
{
"title": "iPhone7,1_8.2_12D508_Restore",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54079"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-79027"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://freakattack.com/"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/mar/msg00000.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/mar/msg00002.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/73009"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht204413"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht204423"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht204426"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht204659"
},
{
"trust": 1.7,
"url": "https://support.apple.com/kb/ht204870"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1031829"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1031830"
},
{
"trust": 1.6,
"url": "https://www.smacktls.com/#freak"
},
{
"trust": 1.6,
"url": "http://jvn.jp/vu/jvnvu99125992/index.html"
},
{
"trust": 1.6,
"url": "https://www.kb.cert.org/vuls/id/243585"
},
{
"trust": 0.8,
"url": "http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/757.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/326.html"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc4346#appendix-f.1.1.2"
},
{
"trust": 0.8,
"url": "https://technet.microsoft.com/library/security/3046015.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1067"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90171154/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93832567/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1067"
},
{
"trust": 0.4,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1067"
},
{
"trust": 0.4,
"url": "http://gpgtools.org"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/appletv/features.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipad/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/iphone/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipodtouch/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "https://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1061"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1062"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1065"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1104"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1093"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1099"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1101"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1096"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/204873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1102"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1103"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1092"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1100"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht204641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1117"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1094"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1063"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1066"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4496"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "VULHUB",
"id": "VHN-79027"
},
{
"db": "BID",
"id": "73009"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "PACKETSTORM",
"id": "130742"
},
{
"db": "PACKETSTORM",
"id": "131932"
},
{
"db": "PACKETSTORM",
"id": "130741"
},
{
"db": "PACKETSTORM",
"id": "130743"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
},
{
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "VULHUB",
"id": "VHN-79027"
},
{
"db": "BID",
"id": "73009"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "PACKETSTORM",
"id": "130742"
},
{
"db": "PACKETSTORM",
"id": "131932"
},
{
"db": "PACKETSTORM",
"id": "130741"
},
{
"db": "PACKETSTORM",
"id": "130743"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
},
{
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-06T00:00:00",
"db": "CERT/CC",
"id": "VU#243585"
},
{
"date": "2015-03-11T00:00:00",
"db": "VULHUB",
"id": "VHN-79027"
},
{
"date": "2015-03-09T00:00:00",
"db": "BID",
"id": "73009"
},
{
"date": "2015-03-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"date": "2015-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"date": "2015-03-10T16:17:57",
"db": "PACKETSTORM",
"id": "130742"
},
{
"date": "2015-05-20T22:44:42",
"db": "PACKETSTORM",
"id": "131932"
},
{
"date": "2015-03-10T16:14:34",
"db": "PACKETSTORM",
"id": "130741"
},
{
"date": "2015-03-10T16:20:32",
"db": "PACKETSTORM",
"id": "130743"
},
{
"date": "2015-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-235"
},
{
"date": "2015-03-11T01:59:00.063000",
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-27T00:00:00",
"db": "CERT/CC",
"id": "VU#243585"
},
{
"date": "2019-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-79027"
},
{
"date": "2015-07-15T00:04:00",
"db": "BID",
"id": "73009"
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001770"
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-235"
},
{
"date": "2024-11-21T02:24:35.490000",
"db": "NVD",
"id": "CVE-2015-1067"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SSL/TLS implementations accept export-grade RSA keys (FREAK attack)",
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-235"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.