CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2015-3673 – Apple OS X Entitlements Rootpipe Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-3673
Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility. Admin Framework en Apple OS X anterior a 10.10.4 no restringe correctamente la localización de los clientes writeconfig, lo que permite a usuarios locales obtener privilegios root mediante el traslado y posterior modificación de Directory Utility. • https://www.exploit-db.com/exploits/38036 http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75493 http://www.securitytracker.com/id/1032760 https://truesecdev.wordpress.com/2015/07/01/exploiting-rootpipe-again https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/osx/local/rootpipe_entitlements.rb • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3672
https://notcve.org/view.php?id=CVE-2015-3672
Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors. Admin Framework en Apple OS X anterior a 10.10.4 no maneja correctamente los errores de autenticación, lo que permite a usuarios locales obtener privilegios de la administración a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75493 http://www.securitytracker.com/id/1032760 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2015-3694
https://notcve.org/view.php?id=CVE-2015-3694
FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719. FontParser en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción memoria) a través de un fichero de fuentes manipulado, una vulnerabilidad diferente a CVE-2015-3719. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75491 http://www.securitytracker.com/id/1032760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2015-3719
https://notcve.org/view.php?id=CVE-2015-3719
TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694. TrueTypeScaler en FontParser en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de fuentes manipulado, una vulnerabilidad diferente a CVE-2015-3694. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75491 http://www.securitytracker.com/id/1032760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2015-3685
https://notcve.org/view.php?id=CVE-2015-3685
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabilidad diferente a CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, y CVE-2015-3689. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75491 http://www.securitytracker.com/id/1032760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •