
CVSS: 6.8 | EPSS: 6% | CPEs: 3 | EXPL: 0

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of fonts embedded in PDFs. An attacker could leverage this vulnerability to execute arbitrary code under the context of the current process.

• http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
• http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html
• http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
• http://www.securityfocus.com/bid/77263
• http://www.securitytracker.com/id/1033929
• http://www.zerodayinitiative.com/advisories/ZDI-15-533
• https://support.apple.com/HT205370
• https://support.apple.com/HT205375
• https://support.apple.com/HT205641
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 1.9 | EPSS: 0% | CPEs: 1 | EXPL: 0

The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.

• http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
• http://www.securityfocus.com/bid/76908
• http://www.securitytracker.com/id/1033703
• https://support.apple.com/HT205267

CVSS: 6.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection.

• http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
• http://www.securitytracker.com/id/1033703
• https://support.apple.com/HT205267
• CWE-264: Permissions, Privileges, and Access Controls

CVSS: 5.0 | EPSS: 0% | CPEs: 1 | EXPL: 0

The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 10.11 interpret directional override formatting characters differently, which allows remote attackers to spoof the content of a text document via a crafted character sequence.

• http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
• http://www.securityfocus.com/bid/76908
• http://www.securitytracker.com/id/1033703
• https://support.apple.com/HT205267
• CWE-20: Improper Input Validation

CVSS: 10.0 | EPSS: 0% | CPEs: 1 | EXPL: 0

The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data.

• http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
• http://www.securityfocus.com/bid/76908
• http://www.securitytracker.com/id/1033703
• https://support.apple.com/HT205267
• CWE-17: DEPRECATED: Code