Details of VAR-201510-0172

ID

VAR-201510-0172

CVE

CVE-2015-7009

TITLE

Apple iOS and OS X of FontParser Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-005560

DESCRIPTION

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7010, and CVE-2015-7018. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions, overwrite arbitrary files and cause denial-of-service conditions. in the United States. FontParser is a font parsing component

Trust: 1.98

sources: NVD: CVE-2015-7009 // JVNDB: JVNDB-2015-005560 // BID: 77263 // VULHUB: VHN-84970

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	9.0.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.5	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.9.5	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.1 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.1 (iphone 4s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.1 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	9.0.2	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.0	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3

sources: BID: 77263 // JVNDB: JVNDB-2015-005560 // CNNVD: CNNVD-201510-550 // NVD: CVE-2015-7009

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7009
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-7009
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201510-550
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-84970
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-7009
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-84970
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-84970 // JVNDB: JVNDB-2015-005560 // CNNVD: CNNVD-201510-550 // NVD: CVE-2015-7009

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-84970 // JVNDB: JVNDB-2015-005560 // NVD: CVE-2015-7009

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201510-550

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201510-550

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005560

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007	url:	http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html	Trust: 0.8
title:	APPLE-SA-2015-10-21-1 iOS 9.1	url:	http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html	Trust: 0.8
title:	HT205370	url:	https://support.apple.com/en-us/HT205370	Trust: 0.8
title:	HT205375	url:	https://support.apple.com/en-us/HT205375	Trust: 0.8
title:	HT205370	url:	http://support.apple.com/ja-jp/HT205370	Trust: 0.8
title:	HT205375	url:	http://support.apple.com/ja-jp/HT205375	Trust: 0.8

sources: JVNDB: JVNDB-2015-005560

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7009	Trust: 2.8
db:	BID	id:	77263	Trust: 1.4
db:	SECTRACK	id:	1033929	Trust: 1.1
db:	JVN	id:	JVNVU92655282	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-005560	Trust: 0.8
db:	CNNVD	id:	CNNVD-201510-550	Trust: 0.7
db:	VULHUB	id:	VHN-84970	Trust: 0.1

sources: VULHUB: VHN-84970 // BID: 77263 // JVNDB: JVNDB-2015-005560 // CNNVD: CNNVD-201510-550 // NVD: CVE-2015-7009

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/oct/msg00002.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/oct/msg00005.html	Trust: 1.7
url:	https://support.apple.com/ht205370	Trust: 1.7
url:	https://support.apple.com/ht205375	Trust: 1.7
url:	http://www.securityfocus.com/bid/77263	Trust: 1.1
url:	http://www.securitytracker.com/id/1033929	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7009	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu92655282/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7009	Trust: 0.8
url:	http://www.apple.com/ios/	Trust: 0.3
url:	http://www.apple.com/ipad/	Trust: 0.3
url:	http://www.apple.com/iphone/	Trust: 0.3
url:	http://www.apple.com/ipodtouch/	Trust: 0.3

sources: VULHUB: VHN-84970 // BID: 77263 // JVNDB: JVNDB-2015-005560 // CNNVD: CNNVD-201510-550 // NVD: CVE-2015-7009

CREDITS

Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Hu

Trust: 0.3

sources: BID: 77263

SOURCES

db:	VULHUB	id:	VHN-84970
db:	BID	id:	77263
db:	JVNDB	id:	JVNDB-2015-005560
db:	CNNVD	id:	CNNVD-201510-550
db:	NVD	id:	CVE-2015-7009

LAST UPDATE DATE

2025-04-13T20:51:20.060000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-84970	date:	2016-12-24T00:00:00
db:	BID	id:	77263	date:	2016-01-12T02:01:00
db:	JVNDB	id:	JVNDB-2015-005560	date:	2015-10-27T00:00:00
db:	CNNVD	id:	CNNVD-201510-550	date:	2015-10-26T00:00:00
db:	NVD	id:	CVE-2015-7009	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-84970	date:	2015-10-23T00:00:00
db:	BID	id:	77263	date:	2015-10-21T00:00:00
db:	JVNDB	id:	JVNDB-2015-005560	date:	2015-10-27T00:00:00
db:	CNNVD	id:	CNNVD-201510-550	date:	2015-10-26T00:00:00
db:	NVD	id:	CVE-2015-7009	date:	2015-10-23T21:59:43.923