Details of VAR-201510-0192

ID

VAR-201510-0192

CVE

CVE-2015-7035

TITLE

Apple OS X Used in products such as Mac EFI Vulnerability reached in unused function

Trust: 0.8

sources: JVNDB: JVNDB-2015-005539

DESCRIPTION

Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. http://cwe.mitre.org/data/definitions/17.htmlBy the attacker, " not being used " Function may be reached. of the United States for Mac computers. An attacker could use this vulnerability to perform unauthorized operations in the context of an affected system. Apple Mac EFI is one of the firmware upgrade interfaces. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 Mac EFI Security Update 2015-002 is now available and addresses the following: EFI Available for: OS X Mavericks v10.9.5 Impact: An attacker can exercise unused EFI functions Description: An issue existed with EFI argument handling. This was addressed by removing the affected functions. CVE-ID CVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT Installation note: Mac EFI Security Update 2015-002 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWJ9rpAAoJEBcWfLTuOo7tYI4QAKGoNIBxSQDwnZZU2PcR82yu KvLVgrowQqNMRzxygIK6yyxXPEAI3V+W4ZMWVBh60ZvHfB/AS9c8cUntbpgtvtKO ttO6ngmpH6bKRfCtoT99vbEowdlq4GmduCOmRBH5P4fmKbLxJGyLZIgStmMagYqa /bL8w8c+a7xbGwdsVGLQDFcLCplCGyhJxDRDRo1e8HZOdBVpxhKZ0boQYX7T8oat rS7daZIEZekwVqloI+5PHEmGeZo5C5sMTYA3qiCbyPvg2MSeVsQeY/t3YCP7iP7p eShq03cwzZ7UqVys6f1EPUMRg7fz6qOYP7n7rTrdKUJQ3+6N0ktSuKB3ApetzSzN 7BjtyEQnUYmwMAyI51jxsi+lir7pKJcG3X7Wtc4Vf6XKsySQH5LI7GES1O39SOpD bq0lavypGewF9ipMO9nrizc/OXnaUlXKACgJ43OcLuYYfnIOD+c3qaWsQPxfyBZ/ ks4AjbJRp/kt2E7RP7OhvTY116yXsDRjsf/ndd56ZktRiwrLtFG5EsbSlO2QnQ49 +ZaqU9rRW7rUUyRFwCjxSjQxDiWvYuufsLtqZCr1QlHsPG7+XztnFy4FOiEDvCzy 8tUPSVNrm4VGLRooBIoPsh8rmx1AHnKPdjFYl9CS3/lVk0pvkrctbSHekaIu6E1x fppz1h8xtXHMHIROMi76 =Hb9X -----END PGP SIGNATURE-----

Trust: 2.61

sources: NVD: CVE-2015-7035 // JVNDB: JVNDB-2015-005539 // CNNVD: CNNVD-201506-086 // BID: 74971 // VULHUB: VHN-84996 // PACKETSTORM: 134057

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.0	Trust: 1.0
vendor:	apple	model:	mac efi	scope:	lt	version:	2015-002	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.5	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.9.5	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.0	Trust: 0.6

sources: JVNDB: JVNDB-2015-005539 // CNNVD: CNNVD-201510-508 // NVD: CVE-2015-7035

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7035
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-7035
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201510-508
value:	HIGH
Trust: 0.6
VULHUB:	VHN-84996
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-7035
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-84996
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-84996 // JVNDB: JVNDB-2015-005539 // CNNVD: CNNVD-201510-508 // NVD: CVE-2015-7035

PROBLEMTYPE DATA

problemtype:	CWE-17	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-84996 // JVNDB: JVNDB-2015-005539 // NVD: CVE-2015-7035

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201510-508 // CNNVD: CNNVD-201506-086

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-201510-508

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005539

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002	url:	http://lists.apple.com/archives/security-announce/2015/Oct/msg00007.html	Trust: 0.8
title:	APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007	url:	http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html	Trust: 0.8
title:	HT205375	url:	https://support.apple.com/en-us/HT205375	Trust: 0.8
title:	HT205317	url:	https://support.apple.com/en-us/HT205317	Trust: 0.8
title:	HT205375	url:	http://support.apple.com/ja-jp/HT205375	Trust: 0.8
title:	HT205317	url:	http://support.apple.com/ja-jp/HT205317	Trust: 0.8

sources: JVNDB: JVNDB-2015-005539

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7035	Trust: 2.9
db:	BID	id:	74971	Trust: 2.0
db:	SECTRACK	id:	1033921	Trust: 1.1
db:	JVN	id:	JVNVU92655282	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-005539	Trust: 0.8
db:	CNNVD	id:	CNNVD-201510-508	Trust: 0.7
db:	CNNVD	id:	CNNVD-201506-086	Trust: 0.6
db:	PACKETSTORM	id:	134057	Trust: 0.2
db:	VULHUB	id:	VHN-84996	Trust: 0.1

sources: VULHUB: VHN-84996 // BID: 74971 // JVNDB: JVNDB-2015-005539 // PACKETSTORM: 134057 // CNNVD: CNNVD-201510-508 // CNNVD: CNNVD-201506-086 // NVD: CVE-2015-7035

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/oct/msg00005.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/oct/msg00007.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/74971	Trust: 1.7
url:	https://support.apple.com/ht205317	Trust: 1.7
url:	https://support.apple.com/ht205375	Trust: 1.7
url:	http://www.securitytracker.com/id/1033921	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7035	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu92655282/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7035	Trust: 0.8
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	http://support.apple.com/kb/ht1222	Trust: 0.1
url:	https://gpgtools.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7035	Trust: 0.1

sources: VULHUB: VHN-84996 // BID: 74971 // JVNDB: JVNDB-2015-005539 // PACKETSTORM: 134057 // CNNVD: CNNVD-201510-508 // CNNVD: CNNVD-201506-086 // NVD: CVE-2015-7035

CREDITS

Pedro Vilaca

Trust: 0.6

sources: CNNVD: CNNVD-201506-086

SOURCES

db:	VULHUB	id:	VHN-84996
db:	BID	id:	74971
db:	JVNDB	id:	JVNDB-2015-005539
db:	PACKETSTORM	id:	134057
db:	CNNVD	id:	CNNVD-201510-508
db:	CNNVD	id:	CNNVD-201506-086
db:	NVD	id:	CVE-2015-7035

LAST UPDATE DATE

2025-04-13T21:57:16.080000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-84996	date:	2016-12-24T00:00:00
db:	BID	id:	74971	date:	2015-11-03T20:08:00
db:	JVNDB	id:	JVNDB-2015-005539	date:	2015-10-26T00:00:00
db:	CNNVD	id:	CNNVD-201510-508	date:	2015-10-26T00:00:00
db:	CNNVD	id:	CNNVD-201506-086	date:	2015-06-05T00:00:00
db:	NVD	id:	CVE-2015-7035	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-84996	date:	2015-10-23T00:00:00
db:	BID	id:	74971	date:	2015-05-29T00:00:00
db:	JVNDB	id:	JVNDB-2015-005539	date:	2015-10-26T00:00:00
db:	PACKETSTORM	id:	134057	date:	2015-10-21T19:44:44
db:	CNNVD	id:	CNNVD-201510-508	date:	2015-10-26T00:00:00
db:	CNNVD	id:	CNNVD-201506-086	date:	2015-05-29T00:00:00
db:	NVD	id:	CVE-2015-7035	date:	2015-10-23T10:59:17.223