Sign-up

ID

VAR-201508-0035


CVE

CVE-2015-5761


TITLE

Apple iOS and OS X of CoreText Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-004249

DESCRIPTION

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755. Attackers can exploit these issues to obtain sensitive information, execute arbitrary code with system privileges, perform unauthorized actions, bypass security restrictions, cause denial-of-service conditions, and perform other attacks. Versions prior to iOS 8.4.1 and OS X 10.10.5 are vulnerable. in the United States. CoreText is one of the text engines that can control text formatting and text layout

Trust: 1.98

sources: NVD: CVE-2015-5761 // JVNDB: JVNDB-2015-004249 // BID: 76343 // VULHUB: VHN-83722

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.10.4

Trust: 1.0

vendor:applemodel:iphone osscope:lteversion:8.4

Trust: 1.0

vendor:applemodel:itunesscope:lteversion:12.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.10 to 10.10.4

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.8.5

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.9.5

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.4.1 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.4.1 (iphone 4s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.4.1 (ipod touch first 5 after generation )

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:12.3 (windows 7 or later )

Trust: 0.8

vendor:applemodel:itunesscope:eqversion:12.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:8.4

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.10.4

Trust: 0.6

vendor:applemodel:keynotescope:eqversion:2.0.2

Trust: 0.3

vendor:applemodel:keynotescope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:keynotescope:eqversion:2.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.3.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.8

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.7.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.6

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.2.72

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.0.2.20

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.6

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.4

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.0

Trust: 0.3

sources: BID: 76343 // JVNDB: JVNDB-2015-004249 // CNNVD: CNNVD-201508-311 // NVD: CVE-2015-5761

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-5761
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-5761
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201508-311
value: MEDIUM

Trust: 0.6

VULHUB: VHN-83722
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-5761
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-83722
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-83722 // JVNDB: JVNDB-2015-004249 // CNNVD: CNNVD-201508-311 // NVD: CVE-2015-5761

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-83722 // JVNDB: JVNDB-2015-004249 // NVD: CVE-2015-5761

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201508-311

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201508-311

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-004249

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2015-09-16-3 iTunes 12.3url:http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
Trust: 0.8
title:APPLE-SA-2015-08-13-3 iOS 8.4.1url:http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html
Trust: 0.8
title:APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006url:http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
Trust: 0.8
title:HT205221url:https://support.apple.com/en-us/HT205221
Trust: 0.8
title:HT205030url:http://support.apple.com/en-us/HT205030
Trust: 0.8
title:HT205031url:http://support.apple.com/en-us/HT205031
Trust: 0.8
title:HT205221url:http://support.apple.com/ja-jp/HT205221
Trust: 0.8
title:HT205030url:http://support.apple.com/ja-jp/HT205030
Trust: 0.8
title:HT205031url:http://support.apple.com/ja-jp/HT205031
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-004249

EXTERNAL IDS
db:NVDid:CVE-2015-5761
Trust: 2.8
db:BIDid:76343
Trust: 2.0
db:SECTRACKid:1033275
Trust: 1.1
db:JVNid:JVNVU99970459
Trust: 0.8
db:JVNid:JVNVU94440136
Trust: 0.8
db:JVNDBid:JVNDB-2015-004249
Trust: 0.8
db:CNNVDid:CNNVD-201508-311
Trust: 0.7
db:VULHUBid:VHN-83722
Trust: 0.1
sources:
            
            
            VULHUB: VHN-83722 // 
            
            
            
            BID: 76343 // 
            
            
            
            JVNDB: JVNDB-2015-004249 // 
            
            
            
            CNNVD: CNNVD-201508-311 // 
            
            
            
            NVD: CVE-2015-5761

REFERENCES
url:http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2015/aug/msg00002.html
Trust: 1.7
url:http://www.securityfocus.com/bid/76343
Trust: 1.7
url:https://support.apple.com/kb/ht205030
Trust: 1.7
url:https://support.apple.com/kb/ht205031
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2015/sep/msg00003.html
Trust: 1.1
url:https://support.apple.com/ht205221
Trust: 1.1
url:http://www.securitytracker.com/id/1033275
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5761
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94440136/index.html
Trust: 0.8
url:http://jvn.jp/vu/jvnvu99970459/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5761
Trust: 0.8
url:http://www.apple.com/ios/
Trust: 0.3
url:http://www.apple.com/ipad/
Trust: 0.3
url:http://www.apple.com/iphone/
Trust: 0.3
url:http://www.apple.com/ipodtouch/
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:https://support.apple.com/en-us/ht205221
Trust: 0.3
sources:
            
            
            VULHUB: VHN-83722 // 
            
            
            
            BID: 76343 // 
            
            
            
            JVNDB: JVNDB-2015-004249 // 
            
            
            
            CNNVD: CNNVD-201508-311 // 
            
            
            
            NVD: CVE-2015-5761

CREDITS
Apple, TaiG Jailbreak Team, Michal Zalewski, John Villamil (@day6reak) from Yahoo Pentest Team, Ilja van Sprundel, Ian Beer of Google Project Zero, Frank Graziano of the Yahoo Pentest Team, Lufeng Li of Qihoo 360, Mathew Rowley, Bruno Morisson of INTEGRIT S.A.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201508-311

SOURCES
db:VULHUBid:VHN-83722
db:BIDid:76343
db:JVNDBid:JVNDB-2015-004249
db:CNNVDid:CNNVD-201508-311
db:NVDid:CVE-2015-5761

LAST UPDATE DATE
2025-04-13T21:04:01.754000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-83722date:2016-12-24T00:00:00
db:BIDid:76343date:2016-07-06T13:27:00
db:JVNDBid:JVNDB-2015-004249date:2015-10-05T00:00:00
db:CNNVDid:CNNVD-201508-311date:2015-08-21T00:00:00
db:NVDid:CVE-2015-5761date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-83722date:2015-08-17T00:00:00
db:BIDid:76343date:2015-08-13T00:00:00
db:JVNDBid:JVNDB-2015-004249date:2015-08-21T00:00:00
db:CNNVDid:CNNVD-201508-311date:2015-08-18T00:00:00
db:NVDid:CVE-2015-5761date:2015-08-17T00:00:44.220