CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5915
https://notcve.org/view.php?id=CVE-2015-5915
Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors. Apple OS X en versiones anteriores a 10.11 no asegura que el estado de bloqueo del llavero se muestre correctamente, lo que tiene un impacto y vectores de ataque no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-17: DEPRECATED: Code •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5893
https://notcve.org/view.php?id=CVE-2015-5893
SMBClient in SMB in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. SMBClient en SMB en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener información sensible de la estructura de memoria del kernel a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5884
https://notcve.org/view.php?id=CVE-2015-5884
The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attachments, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during transmission of an S/MIME e-mail message with a large attachment. La funcionalidad de Mail Drop en Mail en Apple OS X en versiones anteriores a 10.11 no maneja correctamente los parámetros de cifrado para los documentos adjuntos, lo que hace más fácil para atacantes remotos obtener información sensible rastreando la red durante la transmisión de un mensaje de correo electrónico S/MIME con un anexo largo. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5913
https://notcve.org/view.php?id=CVE-2015-5913
Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request. Heimdal, tal como se utiliza en Apple OS X en versiones anteriores a 10.11, permite a atacantes remotos llevar a cabo ataques de repetición contra el servidor SMB a través de datos en un paquete que representan una petición de autenticación Kerberos. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5888
https://notcve.org/view.php?id=CVE-2015-5888
The Install Framework Legacy component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving a privileged executable file. El componente Install Framework Legacy en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener privilegios de root a través de vectores que implican un archivo ejecutable privilegiado. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-264: Permissions, Privileges, and Access Controls •