CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7761
https://notcve.org/view.php?id=CVE-2015-7761
Mail in Apple OS X before 10.11 does not properly recognize user preferences, which allows attackers to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760. Mail en Apple OS X en versiones anteriores a 10.11 no reconoce correctamente las preferencias de usuario, lo que permite a atacantes obtener información sensible a través de una acción no especificada durante la impresión de un mensaje de correo electrónico, una vulnerabilidad diferente a CVE-2015-7760. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5866
https://notcve.org/view.php?id=CVE-2015-5866
IOHIDFamily in Apple OS X before 10.11 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. IOHIDFamily en Apple OS X en versiones anteriores a 10.11 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5887
https://notcve.org/view.php?id=CVE-2015-5887
The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data. La implementación del Handshake Protocol de TLS en Secure Transport en Apple OS X en versiones anteriores a 10.11 acepta un mensaje Certificate Request en una sesión en la cual no ha sido enviado un mensaje Server Key Exchange, lo que permite a atacantes remotos tener un impacto no especificado a través de datos TLS manipulados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-17: DEPRECATED: Code •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5901
https://notcve.org/view.php?id=CVE-2015-5901
The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive. La funcionalidad Secure Empty Trash en Apple OS X en versiones anteriores a 10.11 no borra adecuadamente los archivos Trash, lo que podría permitir a usuarios locales obtener información sensible medainte la lectura del almacenamiento multimedia, según lo demostrado mediante la lectura de una unidad flash. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5902
https://notcve.org/view.php?id=CVE-2015-5902
The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local users to cause a denial of service via unspecified vectors. La funcionalidad de depuración en el kernel en Apple OS X en versiones anteriores a 10.11 no gestiona correctamente el estado, lo que permite a usuarios locales provocar una denegación de servicio a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 •