Details of VAR-201507-0442

ID

VAR-201507-0442

CVE

CVE-2015-3679

TITLE

Apple OS X of Apple Type Services Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-003378

DESCRIPTION

Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-2015-3682. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of font collection files. The issue lies in the parsing of the 'morx' table. An attacker can leverage this vulnerability to execute code under the context of the current user. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4

Trust: 2.7

sources: NVD: CVE-2015-3679 // JVNDB: JVNDB-2015-003378 // ZDI: ZDI-15-287 // BID: 75493 // VULHUB: VHN-81640 // VULMON: CVE-2015-3679

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.10.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10 to 10.10.3	Trust: 0.8
vendor:	apple	model:	os x	scope:	-	version:	-	Trust: 0.7
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.3	Trust: 0.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.6	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7.3.4	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7	Trust: 0.3

sources: ZDI: ZDI-15-287 // BID: 75493 // JVNDB: JVNDB-2015-003378 // CNNVD: CNNVD-201507-040 // NVD: CVE-2015-3679

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-3679
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-3679
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2015-3679
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201507-040
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-81640
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-3679
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-3679
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.6
VULHUB:	VHN-81640
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: ZDI: ZDI-15-287 // VULHUB: VHN-81640 // VULMON: CVE-2015-3679 // JVNDB: JVNDB-2015-003378 // CNNVD: CNNVD-201507-040 // NVD: CVE-2015-3679

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-81640 // JVNDB: JVNDB-2015-003378 // NVD: CVE-2015-3679

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-040

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201507-040

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003378

PATCH

title:	APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005	url:	http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html	Trust: 0.8
title:	HT204942	url:	http://support.apple.com/en-us/HT204942	Trust: 0.8
title:	HT204942	url:	http://support.apple.com/ja-jp/HT204942	Trust: 0.8
title:	Apple has issued an update to correct this vulnerability.	url:	http://support.apple.com/kb/HT201222	Trust: 0.7
title:	quicktime7.7.7_installer	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56517	Trust: 0.6
title:	osxupd10.10.4	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56516	Trust: 0.6
title:	iPhone7,1_8.4_12H143_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56515	Trust: 0.6
title:	Apple: OS X Yosemite v10.10.4 and Security Update 2015-005	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=50398602701d671602946005c7864211	Trust: 0.1

sources: ZDI: ZDI-15-287 // VULMON: CVE-2015-3679 // JVNDB: JVNDB-2015-003378 // CNNVD: CNNVD-201507-040

EXTERNAL IDS

db:	NVD	id:	CVE-2015-3679	Trust: 3.6
db:	BID	id:	75493	Trust: 1.5
db:	SECTRACK	id:	1032760	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-003378	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-2735	Trust: 0.7
db:	ZDI	id:	ZDI-15-287	Trust: 0.7
db:	CNNVD	id:	CNNVD-201507-040	Trust: 0.7
db:	VULHUB	id:	VHN-81640	Trust: 0.1
db:	VULMON	id:	CVE-2015-3679	Trust: 0.1

sources: ZDI: ZDI-15-287 // VULHUB: VHN-81640 // VULMON: CVE-2015-3679 // BID: 75493 // JVNDB: JVNDB-2015-003378 // CNNVD: CNNVD-201507-040 // NVD: CVE-2015-3679

REFERENCES

url:	http://support.apple.com/kb/ht204942	Trust: 1.9
url:	http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/75493	Trust: 1.2
url:	http://www.securitytracker.com/id/1032760	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3679	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3679	Trust: 0.8
url:	http://support.apple.com/kb/ht201222	Trust: 0.7
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/apple-osx-adminframework-cve-2015-3718	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=39581	Trust: 0.1

sources: ZDI: ZDI-15-287 // VULHUB: VHN-81640 // VULMON: CVE-2015-3679 // BID: 75493 // JVNDB: JVNDB-2015-003378 // CNNVD: CNNVD-201507-040 // NVD: CVE-2015-3679

CREDITS

Pawel Wylecial

Trust: 0.7

sources: ZDI: ZDI-15-287

SOURCES

db:	ZDI	id:	ZDI-15-287
db:	VULHUB	id:	VHN-81640
db:	VULMON	id:	CVE-2015-3679
db:	BID	id:	75493
db:	JVNDB	id:	JVNDB-2015-003378
db:	CNNVD	id:	CNNVD-201507-040
db:	NVD	id:	CVE-2015-3679

LAST UPDATE DATE

2025-04-13T20:17:36.551000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-15-287	date:	2015-07-01T00:00:00
db:	VULHUB	id:	VHN-81640	date:	2017-09-22T00:00:00
db:	VULMON	id:	CVE-2015-3679	date:	2017-09-22T00:00:00
db:	BID	id:	75493	date:	2015-07-15T00:57:00
db:	JVNDB	id:	JVNDB-2015-003378	date:	2015-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201507-040	date:	2015-07-10T00:00:00
db:	NVD	id:	CVE-2015-3679	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-15-287	date:	2015-07-01T00:00:00
db:	VULHUB	id:	VHN-81640	date:	2015-07-03T00:00:00
db:	VULMON	id:	CVE-2015-3679	date:	2015-07-03T00:00:00
db:	BID	id:	75493	date:	2015-06-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003378	date:	2015-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201507-040	date:	2015-07-03T00:00:00
db:	NVD	id:	CVE-2015-3679	date:	2015-07-03T01:59:35.323