CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5934
https://notcve.org/view.php?id=CVE-2015-5934
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933. Audio en Apple OS X en versiones anteriores a 10.11.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un archivo de audio manipulado, una vulnerabilidad diferente a CVE-2015-5933. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html https://support.apple.com/HT205375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5938
https://notcve.org/view.php?id=CVE-2015-5938
ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image. ImageIO en Apple OS X en versiones anteriores a 10.11.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de metadatos manipulados en una imagen. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html https://support.apple.com/HT205375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5932
https://notcve.org/view.php?id=CVE-2015-5932
The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing. El kernel en Apple OS X en versiones anteriores a 10.11.1 permite a usuarios locales obtener privilegios mediante el aprovechamiento de un 'type confusion' no especificado durante el procesamiento de tareas Mach. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html https://support.apple.com/HT205375 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5944
https://notcve.org/view.php?id=CVE-2015-5944
CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. CoreText en Apple OS X en versiones anteriores a 10.11.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un archivo de fuente manipulado. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html https://support.apple.com/HT205375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5945
https://notcve.org/view.php?id=CVE-2015-5945
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters. El subsistema Sandbox en Apple OS X en versiones anteriores a 10.11.1 permite a usuarios locales obtener privilegios a través de vectores que involucran parámetros NVRAM. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html https://support.apple.com/HT205375 • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •