Details of VAR-201507-0440

ID

VAR-201507-0440

CVE

CVE-2015-3677

TITLE

Apple OS X of AppleFSCompression of LZVN Vulnerability in obtaining important memory layout information of kernel in compression function

Trust: 0.8

sources: JVNDB: JVNDB-2015-003376

DESCRIPTION

The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of DMG files. The issue lies in the handling of LZVN compressed streams. An attacker can leverage this vulnerability to leak the sensitive contents of physical memory. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4

Trust: 2.7

sources: NVD: CVE-2015-3677 // JVNDB: JVNDB-2015-003376 // ZDI: ZDI-15-286 // BID: 75493 // VULHUB: VHN-81638 // VULMON: CVE-2015-3677

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.10.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10 to 10.10.3	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.8.5	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.9.5	Trust: 0.8
vendor:	apple	model:	os x	scope:	-	version:	-	Trust: 0.7
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.3	Trust: 0.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.6	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7.3.4	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7	Trust: 0.3

sources: ZDI: ZDI-15-286 // BID: 75493 // JVNDB: JVNDB-2015-003376 // CNNVD: CNNVD-201507-038 // NVD: CVE-2015-3677

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-3677
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-3677
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2015-3677
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201507-038
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-81638
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-3677
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-3677
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
ZDI:	CVE-2015-3677
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:C/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
VULHUB:	VHN-81638
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: ZDI: ZDI-15-286 // VULHUB: VHN-81638 // VULMON: CVE-2015-3677 // JVNDB: JVNDB-2015-003376 // CNNVD: CNNVD-201507-038 // NVD: CVE-2015-3677

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-81638 // JVNDB: JVNDB-2015-003376 // NVD: CVE-2015-3677

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-038

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201507-038

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003376

PATCH

title:	APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005	url:	http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html	Trust: 0.8
title:	HT204942	url:	http://support.apple.com/en-us/HT204942	Trust: 0.8
title:	HT204942	url:	http://support.apple.com/ja-jp/HT204942	Trust: 0.8
title:	Apple has issued an update to correct this vulnerability.	url:	https://support.apple.com/kb/HT1222	Trust: 0.7
title:	quicktime7.7.7_installer	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56517	Trust: 0.6
title:	osxupd10.10.4	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56516	Trust: 0.6
title:	iPhone7,1_8.4_12H143_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56515	Trust: 0.6
title:	Apple: OS X Yosemite v10.10.4 and Security Update 2015-005	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=50398602701d671602946005c7864211	Trust: 0.1

sources: ZDI: ZDI-15-286 // VULMON: CVE-2015-3677 // JVNDB: JVNDB-2015-003376 // CNNVD: CNNVD-201507-038

EXTERNAL IDS

db:	NVD	id:	CVE-2015-3677	Trust: 3.6
db:	BID	id:	75493	Trust: 1.5
db:	SECTRACK	id:	1032760	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-003376	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-2719	Trust: 0.7
db:	ZDI	id:	ZDI-15-286	Trust: 0.7
db:	CNNVD	id:	CNNVD-201507-038	Trust: 0.7
db:	VULHUB	id:	VHN-81638	Trust: 0.1
db:	VULMON	id:	CVE-2015-3677	Trust: 0.1

sources: ZDI: ZDI-15-286 // VULHUB: VHN-81638 // VULMON: CVE-2015-3677 // BID: 75493 // JVNDB: JVNDB-2015-003376 // CNNVD: CNNVD-201507-038 // NVD: CVE-2015-3677

REFERENCES

url:	http://support.apple.com/kb/ht204942	Trust: 1.9
url:	http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/75493	Trust: 1.2
url:	http://www.securitytracker.com/id/1032760	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3677	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3677	Trust: 0.8
url:	https://support.apple.com/kb/ht1222	Trust: 0.7
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/200.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/apple-osx-adminframework-cve-2015-3718	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=39581	Trust: 0.1

sources: ZDI: ZDI-15-286 // VULHUB: VHN-81638 // VULMON: CVE-2015-3677 // BID: 75493 // JVNDB: JVNDB-2015-003376 // CNNVD: CNNVD-201507-038 // NVD: CVE-2015-3677

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-15-286

SOURCES

db:	ZDI	id:	ZDI-15-286
db:	VULHUB	id:	VHN-81638
db:	VULMON	id:	CVE-2015-3677
db:	BID	id:	75493
db:	JVNDB	id:	JVNDB-2015-003376
db:	CNNVD	id:	CNNVD-201507-038
db:	NVD	id:	CVE-2015-3677

LAST UPDATE DATE

2025-04-13T22:46:34.336000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-15-286	date:	2015-07-01T00:00:00
db:	VULHUB	id:	VHN-81638	date:	2017-09-22T00:00:00
db:	VULMON	id:	CVE-2015-3677	date:	2017-09-22T00:00:00
db:	BID	id:	75493	date:	2015-07-15T00:57:00
db:	JVNDB	id:	JVNDB-2015-003376	date:	2015-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201507-038	date:	2015-07-10T00:00:00
db:	NVD	id:	CVE-2015-3677	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-15-286	date:	2015-07-01T00:00:00
db:	VULHUB	id:	VHN-81638	date:	2015-07-03T00:00:00
db:	VULMON	id:	CVE-2015-3677	date:	2015-07-03T00:00:00
db:	BID	id:	75493	date:	2015-06-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003376	date:	2015-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201507-038	date:	2015-07-03T00:00:00
db:	NVD	id:	CVE-2015-3677	date:	2015-07-03T01:59:33.727