CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5774
https://notcve.org/view.php?id=CVE-2015-5774
Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors. Desbordamiento de búfer en IOHIDFamily en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios a través de vectores no especificados . • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://www.securityfocus.com/bid/76343 http://www.securitytracker.com/id/1033275 https://support.apple.com/kb/HT205030 https://support.apple.com/kb/HT205031 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5782
https://notcve.org/view.php?id=CVE-2015-5782
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image. Vulnerabilidad en ImageIO en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a atacantes remotos obtener información sensible de la memoria del proceso a través de una imagen TIFF manipulada. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://www.securityfocus.com/bid/76343 http://www.securitytracker.com/id/1033275 https://support.apple.com/kb/HT205030 https://support.apple.com/kb/HT205031 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5748
https://notcve.org/view.php?id=CVE-2015-5748
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. Vulnerabilidad en el kernel en Apple OS X en versiones anteriores a 10.10.5, no monta adecuadamente volúmenes HFS, lo que permite a usuarios locales causar una denegación de servicio a través de un volumen manipulado. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76340 http://www.securitytracker.com/id/1033276 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/kb/HT205031 • CWE-17: DEPRECATED: Code •
CVSS: 6.8EPSS: 9%CPEs: 2EXPL: 0CVE-2015-5751
https://notcve.org/view.php?id=CVE-2015-5751
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5753, and CVE-2015-5779. Vulnerabilidad en QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo manipulado, una vulnerabilidad diferente a CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5753 y CVE-2015-5779. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00004.html http://www.securityfocus.com/bid/76340 http://www.securitytracker.com/id/1033276 https://support.apple.com/HT205046 https://support.apple.com/kb/HT205031 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2015-5754 – Apple Mac OSX Install.Framework - SUID Root Runner Binary Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5754
Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error. Vulnerabilidad de condición de carrera en hilos corriendo en Install.framework en el componente Install Framework Legacy en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes ejecutar código arbitrario en un contexto con privilegios a través de una aplicación manipulada que aprovecha la caída incorrecta de privilegios asociada a un error de bloqueo. The Install.framework runner suid root binary does not correctly account for the fact that Distributed Objects can be connected to by multiple clients at the same time. By connecting two proxy objects to an IFInstallRunner and calling [IFInstallRunner makeReceiptDirAt:asRoot:] in the first and passing a custom object as the directory name we can get a callback to our code just after the makeReceiptDirAt code has called seteuid(0);setguid(0) to regain privs. Since BSD priviledges are per-process this means that our other proxy object will now have euid 0 without having to provide an authorization reference. • https://www.exploit-db.com/exploits/38136 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://packetstormsecurity.com/files/133550/OS-X-Suid-Privilege-Escalation.html http://www.securityfocus.com/bid/76340 http://www.securitytracker.com/id/1033276 https://support.apple.com/kb/HT205031 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •