ID

VAR-201508-0452


CVE

CVE-2015-3807


TITLE

Apple iOS and OS X of libxml2 Vulnerability in which important information is obtained from process memory

Trust: 0.8

sources: JVNDB: JVNDB-2015-004244

DESCRIPTION

libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document. Apple Mac OS X and iOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to obtain sensitive information, execute arbitrary code with system privileges, perform unauthorized actions, bypass security restrictions, cause denial-of-service conditions, and perform other attacks. Versions prior to iOS 8.4.1 and OS X 10.10.5 are vulnerable. in the United States. Libxml2 is one of the function library components based on C language for parsing XML documents. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses the following: apache_mod_php Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30. CVE-ID CVE-2015-7803 CVE-2015-7804 AppSandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt Bluetooth Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7108 : Ian Beer of Google Project Zero CFNetwork HTTPProtocol Available for: OS X El Capitan v10.11 and v10.11.1 Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) Compression Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru Configuration Profiles Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privileges Description: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-7062 : David Mulder of Dell Software CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team CoreMedia Playback Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075 Disk Images Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7110 : Ian Beer of Google Project Zero EFI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7063 : Apple File Bookmark Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7071 : Apple Hypervisor Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management. CVE-ID CVE-2015-7078 : Ian Beer of Google Project Zero iBooks Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A null pointer dereference issue was addressed through improved input validation. CVE-ID CVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7077 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7109 : Juwei Lin of TrendMicro IOHIDFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero IOKit SCSI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero IOThunderboltFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts. CVE-ID CVE-2015-7067 : Juwei Lin of TrendMicro Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool) Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero kext tools Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification. CVE-ID CVE-2015-7052 : Apple Keychain Access Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to masquerade as the Keychain Server. Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality. CVE-ID CVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi- Min Hu of Tsinghua University, and Xinhui Han of Peking University libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift libc Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM) libexpat Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in expat Description: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks OpenLDAP Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote unauthenticated client may be able to cause a denial of service Description: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation. CVE-ID CVE-2015-6908 OpenSSH Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in LibreSSL Description: Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8. CVE-ID CVE-2015-5333 CVE-2015-5334 QuickLook Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107 Sandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc. Security Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google Security Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058 System Integrity Protection Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to execute arbitrary code with system privileges Description: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7044 : MacDefender Installation note: Security Update 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in. https://support.apple.com/en-us/HT205081 OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2: https://support.apple.com/en-us/HT205639 OS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j PE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn +XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ jtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz 0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g OjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s Ima2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36 Num/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB BhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY Z9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx rfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T gvIdn3N1k8hWpmYDjxZd =Yi/n -----END PGP SIGNATURE----- . CVE-ID CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks Installation note: Apple TV will periodically check for software updates. CVE-ID CVE-2015-7107 Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. CVE-ID CVE-2015-7058 Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. CVE-ID CVE-2015-7048 : Apple CVE-2015-7095 : Apple CVE-2015-7096 : Apple CVE-2015-7097 : Apple CVE-2015-7098 : Apple CVE-2015-7099 : Apple CVE-2015-7100 : Apple CVE-2015-7101 : Apple CVE-2015-7102 : Apple CVE-2015-7103 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: An insufficient input validation issue existed in content blocking. CVE-ID CVE-2015-7050 : Luke Li and Jonathan Metzman Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About

Trust: 2.25

sources: NVD: CVE-2015-3807 // JVNDB: JVNDB-2015-004244 // BID: 76343 // VULHUB: VHN-81768 // PACKETSTORM: 134748 // PACKETSTORM: 134749 // PACKETSTORM: 134745

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:lteversion:8.4

Trust: 1.0

vendor:applemodel:tvosscope:lteversion:9.0

Trust: 1.0

vendor:applemodel:iphone osscope:lteversion:9.1

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.10.4

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.11.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.10 to 10.10.4 (ht205031)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.10.5 (ht205637)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11 (ht205637)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11.1 (ht205637)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.8.5 (ht205031)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.9.5 (ht205637/ht205031)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.4.1 (ipad 2 or later ) (ht205030)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.4.1 (iphone 4s or later ) (ht205030)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.4.1 (ipod touch first 5 after generation ) (ht205030)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.2 (ipad 2 or later ) (ht205635)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.2 (iphone 4s or later ) (ht205635)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.2 (ipod touch first 5 after generation ) (ht205635)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:9.1 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:iphone osscope:eqversion:9.1

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.11.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:8.4

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.10.4

Trust: 0.6

vendor:applemodel:tvscope:eqversion:9.0

Trust: 0.6

vendor:applemodel:keynotescope:eqversion:2.0.2

Trust: 0.3

vendor:applemodel:keynotescope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:keynotescope:eqversion:2.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.3.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.8

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.7.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.6

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.2.72

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.0.2.20

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.6

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.4

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.0

Trust: 0.3

sources: BID: 76343 // JVNDB: JVNDB-2015-004244 // CNNVD: CNNVD-201508-304 // NVD: CVE-2015-3807

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3807
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-3807
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201508-304
value: MEDIUM

Trust: 0.6

VULHUB: VHN-81768
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-3807
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-81768
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-81768 // JVNDB: JVNDB-2015-004244 // CNNVD: CNNVD-201508-304 // NVD: CVE-2015-3807

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-81768 // JVNDB: JVNDB-2015-004244 // NVD: CVE-2015-3807

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201508-304

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201508-304

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004244

PATCH

title:Apple security updatesurl:https://support.apple.com/en-us/HT201222

Trust: 0.8

title:APPLE-SA-2015-12-08-1 iOS 9.2url:http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html

Trust: 0.8

title:APPLE-SA-2015-12-08-2 tvOS 9.1url:http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html

Trust: 0.8

title:APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008url:http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html

Trust: 0.8

title:APPLE-SA-2015-08-13-3 iOS 8.4.1url:http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html

Trust: 0.8

title:APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006url:http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Trust: 0.8

title:HT205030url:http://support.apple.com/en-us/HT205030

Trust: 0.8

title:HT205031url:http://support.apple.com/en-us/HT205031

Trust: 0.8

title:HT205635url:https://support.apple.com/en-us/HT205635

Trust: 0.8

title:HT205637url:https://support.apple.com/en-us/HT205637

Trust: 0.8

title:HT205640url:https://support.apple.com/en-us/HT205640

Trust: 0.8

title:HT205637url:https://support.apple.com/ja-jp/HT205637

Trust: 0.8

title:HT205640url:https://support.apple.com/ja-jp/HT205640

Trust: 0.8

title:HT205030url:http://support.apple.com/ja-jp/HT205030

Trust: 0.8

title:HT205031url:http://support.apple.com/ja-jp/HT205031

Trust: 0.8

title:HT205635url:https://support.apple.com/ja-jp/HT205635

Trust: 0.8

title:osxupd10.10.5url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57197

Trust: 0.6

title:iPhone7,1_8.4.1_12H321_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57198

Trust: 0.6

sources: JVNDB: JVNDB-2015-004244 // CNNVD: CNNVD-201508-304

EXTERNAL IDS

db:NVDid:CVE-2015-3807

Trust: 3.1

db:BIDid:76343

Trust: 2.0

db:SECTRACKid:1033275

Trust: 1.7

db:JVNid:JVNVU97526033

Trust: 0.8

db:JVNid:JVNVU94440136

Trust: 0.8

db:JVNDBid:JVNDB-2015-004244

Trust: 0.8

db:CNNVDid:CNNVD-201508-304

Trust: 0.7

db:VULHUBid:VHN-81768

Trust: 0.1

db:PACKETSTORMid:134748

Trust: 0.1

db:PACKETSTORMid:134749

Trust: 0.1

db:PACKETSTORMid:134745

Trust: 0.1

sources: VULHUB: VHN-81768 // BID: 76343 // JVNDB: JVNDB-2015-004244 // PACKETSTORM: 134748 // PACKETSTORM: 134749 // PACKETSTORM: 134745 // CNNVD: CNNVD-201508-304 // NVD: CVE-2015-3807

REFERENCES

url:http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2015/aug/msg00002.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2015/dec/msg00000.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2015/dec/msg00001.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2015/dec/msg00005.html

Trust: 1.7

url:http://www.securityfocus.com/bid/76343

Trust: 1.7

url:https://support.apple.com/ht205635

Trust: 1.7

url:https://support.apple.com/ht205637

Trust: 1.7

url:https://support.apple.com/ht205640

Trust: 1.7

url:https://support.apple.com/kb/ht205030

Trust: 1.7

url:https://support.apple.com/kb/ht205031

Trust: 1.7

url:http://www.securitytracker.com/id/1033275

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3807

Trust: 0.8

url:http://jvn.jp/vu/jvnvu94440136/index.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu97526033/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3807

Trust: 0.8

url:http://www.apple.com/ios/

Trust: 0.3

url:http://www.apple.com/ipad/

Trust: 0.3

url:http://www.apple.com/iphone/

Trust: 0.3

url:http://www.apple.com/ipodtouch/

Trust: 0.3

url:http://www.apple.com/macosx/

Trust: 0.3

url:https://support.apple.com/en-us/ht205221

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-3807

Trust: 0.3

url:https://gpgtools.org

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7047

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7046

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7043

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7058

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7053

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7042

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2895

Trust: 0.3

url:https://www.apple.com/support/security/pgp/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7001

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7039

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7040

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7054

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7041

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7038

Trust: 0.3

url:https://support.apple.com/kb/ht201222

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7045

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7060

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7059

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7062

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7061

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7064

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7055

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7048

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7068

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7072

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7051

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7065

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7073

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7066

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7052

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7044

Trust: 0.1

url:http://www.apple.com/support/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-6908

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0876

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-5334

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7063

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-5333

Trust: 0.1

url:https://support.apple.com/en-us/ht205081

Trust: 0.1

url:https://support.apple.com/en-us/ht205639

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1148

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1147

Trust: 0.1

url:https://support.apple.com/kb/ht1222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7050

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7070

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7037

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7069

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7074

Trust: 0.1

url:https://www.linkedin.com/profile/view?id=33912591)

Trust: 0.1

url:https://www.tencent.com)

Trust: 0.1

sources: VULHUB: VHN-81768 // BID: 76343 // JVNDB: JVNDB-2015-004244 // PACKETSTORM: 134748 // PACKETSTORM: 134749 // PACKETSTORM: 134745 // CNNVD: CNNVD-201508-304 // NVD: CVE-2015-3807

CREDITS

TaiG Jailbreak Team, Mathew Rowley,Apple, John Villamil (@day6reak) from Yahoo Pentest Team, Ilja van Sprundel, Bruno Morisson of INTEGRIT S.A., Frank Graziano of the Yahoo Pentest Team, Ian Beer of Google Project Zero, Michal Zalewski, Lufeng Li of Qihoo 360

Trust: 0.6

sources: CNNVD: CNNVD-201508-304

SOURCES

db:VULHUBid:VHN-81768
db:BIDid:76343
db:JVNDBid:JVNDB-2015-004244
db:PACKETSTORMid:134748
db:PACKETSTORMid:134749
db:PACKETSTORMid:134745
db:CNNVDid:CNNVD-201508-304
db:NVDid:CVE-2015-3807

LAST UPDATE DATE

2025-04-13T21:56:01.687000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-81768date:2019-03-08T00:00:00
db:BIDid:76343date:2016-07-06T13:27:00
db:JVNDBid:JVNDB-2015-004244date:2015-12-15T00:00:00
db:CNNVDid:CNNVD-201508-304date:2019-03-13T00:00:00
db:NVDid:CVE-2015-3807date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:VULHUBid:VHN-81768date:2015-08-17T00:00:00
db:BIDid:76343date:2015-08-13T00:00:00
db:JVNDBid:JVNDB-2015-004244date:2015-08-21T00:00:00
db:PACKETSTORMid:134748date:2015-12-10T17:16:36
db:PACKETSTORMid:134749date:2015-12-10T17:18:31
db:PACKETSTORMid:134745date:2015-12-10T17:02:06
db:CNNVDid:CNNVD-201508-304date:2015-08-18T00:00:00
db:NVDid:CVE-2015-3807date:2015-08-17T00:00:22.830