CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5865
https://notcve.org/view.php?id=CVE-2015-5865
IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. IOGraphics en Apple OS X en versiones anteriores a 10.11 permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5884
https://notcve.org/view.php?id=CVE-2015-5884
The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attachments, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during transmission of an S/MIME e-mail message with a large attachment. La funcionalidad de Mail Drop en Mail en Apple OS X en versiones anteriores a 10.11 no maneja correctamente los parámetros de cifrado para los documentos adjuntos, lo que hace más fácil para atacantes remotos obtener información sensible rastreando la red durante la transmisión de un mensaje de correo electrónico S/MIME con un anexo largo. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5897
https://notcve.org/view.php?id=CVE-2015-5897
The Address Book framework in Apple OS X before 10.11 allows local users to gain privileges by using an environment variable to inject code into processes that rely on this framework. El framework Address Book en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener privilegios utilizando una variable de entorno para inyectar código en procesos que dependen de este framework. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5871
https://notcve.org/view.php?id=CVE-2015-5871
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890. IOGraphics en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5872, CVE-2015-5873 y CVE-2015-5890. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5854
https://notcve.org/view.php?id=CVE-2015-5854
The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors. La implementación de copia de respaldo en Time Machine en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener acceso a los elementos del llavero a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76908 http://www.securitytracker.com/id/1033703 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •