CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2015-6996 – Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference
https://notcve.org/view.php?id=CVE-2015-6996
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. IOAcceleratorFamily en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y watchOS en versiones anteriores a 2.0.1 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. IOUserClient::connectClient is an obscure IOKit method which according to the docs is supposed to "Inform a connection of a second connection." In fact IOKit provides no default implementation and only a handful of userclients actually implement it, and it's pretty much up to them to define the semantics of what "informing the connection of a second connection" actually means. One of the userclients which implements connectClient is IOAccelContext2 which is the parent of the IGAccelContext userclient family (which are the intel GPU accelerator userclients.) • https://www.exploit-db.com/exploits/39380 http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://www.securitytracker.com/id/1033929 https://support.apple.com/HT205370 https://support.apple.com/HT205375 https://support.apple.com/HT205378 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 3%CPEs: 3EXPL: 0CVE-2015-7006
https://notcve.org/view.php?id=CVE-2015-7006
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive. Vulnerabilidad de salto de directorio en el componente BOM (también conocido como Bill of Materials) en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y watchOS en versiones anteriores a 2.0.1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo CPIO. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://www.securitytracker.com/id/1033929 https://support.apple.com/HT205370 https://support.apple.com/HT205375 https://support.apple.com/HT205378 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-7015
https://notcve.org/view.php?id=CVE-2015-7015
Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client. Desbordamiento de buffer basado en memoria dinámica en la librería del cliente DNS en configd en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y watchOS en versiones anteriores a 2.0.1 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada que envía una respuesta configd falsificada a un cliente. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://www.securitytracker.com/id/1033929 https://support.apple.com/HT205370 https://support.apple.com/HT205375 https://support.apple.com/HT205378 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5924
https://notcve.org/view.php?id=CVE-2015-5924
The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. La implementación OpenGL en Apple iOS en versiones anteriores a 9.1 y OS X en versiones anteriores a 10.11.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://www.securityfocus.com/bid/77263 http://www.securitytracker.com/id/1033929 https://support.apple.com/HT205370 https://support.apple.com/HT205375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5925
https://notcve.org/view.php?id=CVE-2015-5925
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926. El componente CoreGraphics en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y watchOS en versiones anteriores a 2.0.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2015-5926. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://www.securitytracker.com/id/1033929 https://support.apple.com/HT205370 https://support.apple.com/HT205375 https://support.apple.com/HT205378 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •