CVSS: 6.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-3686
https://notcve.org/view.php?id=CVE-2015-3686
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabilidad diferente a CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, y CVE-2015-3689. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75491 http://www.securitytracker.com/id/1032760 https://support.apple.com/HT205221 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-3687
https://notcve.org/view.php?id=CVE-2015-3687
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabilidad diferente a CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, y CVE-2015-3689. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75491 http://www.securitytracker.com/id/1032760 https://support.apple.com/HT205221 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-3688
https://notcve.org/view.php?id=CVE-2015-3688
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabilidad diferente a CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, y CVE-2015-3689. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75491 http://www.securitytracker.com/id/1032760 https://support.apple.com/HT205221 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 12%CPEs: 10EXPL: 4CVE-2015-1157
https://notcve.org/view.php?id=CVE-2015-1157
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message. CoreText en Apple iOS 8.x hasta 8.3 permite a atacantes remotos causar una denegación de servicio (reinicio y interrupción de mensaje) a través de texto Unicode manipulado que no se maneja correctamente durante la truncación de la pantalla en la característica Notifications, tal y como fue demostrado por caracteres arábigos en (1) un mensaje de SMS o (2) un mensaje de WhatsApp. • https://github.com/perillamint/CVE-2015-1157 http://9to5mac.com/2015/05/27/how-to-fix-ios-text-message-bug-crash-reboot http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.ibtimes.co.uk/apple-ios-bug-sees-message-app-crash-iph • CWE-17: DEPRECATED: Code •
CVSS: 6.8EPSS: 2%CPEs: 22EXPL: 0CVE-2015-1152
https://notcve.org/view.php?id=CVE-2015-1152
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154. WebKit, utilizado en Apple Safari anterior a 6.2.6, 7.x anterior a 7.1.6, y 8.x anterior a 8.0.6, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2015-1153 y CVE-2015-1154. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/May/msg00000.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://support.apple.com/kb/HT204941 http://www.securityfocus.com/bid/74525 http://www.securitytracker.com/id/1032270 https://suppor •