CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1141
https://notcve.org/view.php?id=CVE-2015-1141
The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors. La funcionalidad mach_vm_read en el kernel en Apple OS X anterior a 10.10.3 permite a usuarios locales causar una denegación de servicio (caída del sistema) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1133
https://notcve.org/view.php?id=CVE-2015-1133
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135. fontd en Apple Type Services (ATS) en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, y CVE-2015-1135. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1143
https://notcve.org/view.php?id=CVE-2015-1143
LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue. LaunchServices en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de una cadena de texto localizada manipulada, relacionado con un problema de 'type confusion'. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1140 – Apple OS X IOHIDSecurePromptClient Untrusted Pointer Dereference Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1140
Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors. Desbordamiento de buffer en IOHIDFamily en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de vectores no especificados. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of calls to IOHIDSecurePromptClient. The issue lies in the failure to properly sanitize user-supplied pointers before they are dereferenced. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1135
https://notcve.org/view.php?id=CVE-2015-1135
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1134. fontd en Apple Type Services (ATS) en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, y CVE-2015-1134. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 • CWE-20: Improper Input Validation •