CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5842
https://notcve.org/view.php?id=CVE-2015-5842
XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors. Vulnerabilidad en XNU en el kernel en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a usuarios locales obtener información sensible de la estructura de memoria a través de vectores desconocidos. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5847
https://notcve.org/view.php?id=CVE-2015-5847
The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Vulnerabilidad en el componente Disk Images en Apple iOS en versiones anteriores a 9, permite a usuarios locales ganar privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5869
https://notcve.org/view.php?id=CVE-2015-5869
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. Vulnerabilidad en la implementación del protocolo Neighbor Discovery (ND) en la pila IPv6 en Apple iOS en versiones anteriores a 9, permite a atacantes remotos reconfigurar un ajuste de límite de salto a través de un valor hop_limit pequeño en un mensaje Router Advertisement (RA). • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://openwall.com/lists/oss-security/2015/04/04/2 http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5845
https://notcve.org/view.php?id=CVE-2015-5845
IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5844 and CVE-2015-5846. Vulnerabilidad en IOKit en el kernel en Apple iOS en versiones anteriores a 9, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar un a denegación de servicio (corrupción de memoria) a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2015-5844 y CVE-2015-5846. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5898
https://notcve.org/view.php?id=CVE-2015-5898
CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID. Vulnerabilidad en CFNetwork en Apple iOS en versiones anteriores a 9, confía en el UID de hardware para su clave de cifrado caché, lo que facilita a atacantes físicamente próximos obtener información sensible mediante la obtención de este UID . • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •