Details of VAR-201508-0406

ID

VAR-201508-0406

CVE

CVE-2015-3762

TITLE

TextEdit Used in Apple OS X of Text Formats Vulnerability in reading arbitrary files in components

Trust: 0.8

sources: JVNDB: JVNDB-2015-004262

DESCRIPTION

The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. Note: The issue described by CVE-2015-3778 has been removed. These issues affect OS X prior to 10.10.5. Both Apple iOS and TextEdit are products of Apple (Apple). Apple iOS is an operating system developed for mobile devices; TextEdit is an open source word processor and text editor. Text Formats is one of the text format components

Trust: 1.98

sources: NVD: CVE-2015-3762 // JVNDB: JVNDB-2015-004262 // BID: 76340 // VULHUB: VHN-81723

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.10.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10 to 10.10.4	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.4	Trust: 0.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.6	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7.3.4	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	quicktime	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.4	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.0	Trust: 0.3

sources: BID: 76340 // JVNDB: JVNDB-2015-004262 // CNNVD: CNNVD-201508-295 // NVD: CVE-2015-3762

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-3762
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-3762
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201508-295
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-81723
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-3762
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-81723
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-81723 // JVNDB: JVNDB-2015-004262 // CNNVD: CNNVD-201508-295 // NVD: CVE-2015-3762

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-81723 // JVNDB: JVNDB-2015-004262 // NVD: CVE-2015-3762

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201508-295

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201508-295

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004262

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006	url:	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	Trust: 0.8
title:	HT205031	url:	http://support.apple.com/en-us/HT205031	Trust: 0.8
title:	HT205031	url:	http://support.apple.com/ja-jp/HT205031	Trust: 0.8
title:	osxupd10.10.5	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57197	Trust: 0.6
title:	iPhone7,1_8.4.1_12H321_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57198	Trust: 0.6

sources: JVNDB: JVNDB-2015-004262 // CNNVD: CNNVD-201508-295

EXTERNAL IDS

db:	NVD	id:	CVE-2015-3762	Trust: 2.8
db:	BID	id:	76340	Trust: 2.0
db:	SECTRACK	id:	1033276	Trust: 1.1
db:	JVN	id:	JVNVU94440136	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-004262	Trust: 0.8
db:	CNNVD	id:	CNNVD-201508-295	Trust: 0.7
db:	ZDI	id:	ZDI-15-390	Trust: 0.3
db:	VULHUB	id:	VHN-81723	Trust: 0.1

sources: VULHUB: VHN-81723 // BID: 76340 // JVNDB: JVNDB-2015-004262 // CNNVD: CNNVD-201508-295 // NVD: CVE-2015-3762

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/76340	Trust: 1.7
url:	https://support.apple.com/kb/ht205031	Trust: 1.7
url:	http://www.securitytracker.com/id/1033276	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3762	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu94440136/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3762	Trust: 0.8
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-15-390/	Trust: 0.3
url:	http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00004.html	Trust: 0.3
url:	https://support.apple.com/en-ie/ht205031	Trust: 0.3

sources: VULHUB: VHN-81723 // BID: 76340 // JVNDB: JVNDB-2015-004262 // CNNVD: CNNVD-201508-295 // NVD: CVE-2015-3762

CREDITS

An anonymous researcher working with HP's Zero Day Initiative, Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team, Maxime VILLARD of m00nbsd, Ryan Pentney and Richard Johnson of Cisco Talos, Xiaoyong Wu of the Evernote Security Team, JieTao Yang of KeenTeam

Trust: 0.6

sources: CNNVD: CNNVD-201508-295

SOURCES

db:	VULHUB	id:	VHN-81723
db:	BID	id:	76340
db:	JVNDB	id:	JVNDB-2015-004262
db:	CNNVD	id:	CNNVD-201508-295
db:	NVD	id:	CVE-2015-3762

LAST UPDATE DATE

2025-04-13T21:57:53.037000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-81723	date:	2017-09-21T00:00:00
db:	BID	id:	76340	date:	2016-07-05T21:35:00
db:	JVNDB	id:	JVNDB-2015-004262	date:	2015-08-21T00:00:00
db:	CNNVD	id:	CNNVD-201508-295	date:	2015-08-21T00:00:00
db:	NVD	id:	CVE-2015-3762	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-81723	date:	2015-08-16T00:00:00
db:	BID	id:	76340	date:	2015-08-13T00:00:00
db:	JVNDB	id:	JVNDB-2015-004262	date:	2015-08-21T00:00:00
db:	CNNVD	id:	CNNVD-201508-295	date:	2015-08-18T00:00:00
db:	NVD	id:	CVE-2015-3762	date:	2015-08-16T23:59:35.533