Details of VAR-201512-0115

ID

VAR-201512-0115

CVE

CVE-2015-7081

TITLE

Apple iOS and Apple OS X of iBooks Vulnerable to reading arbitrary files

Trust: 0.8

sources: JVNDB: JVNDB-2015-006322

DESCRIPTION

iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. This case XML External entity (XXE) Vulnerability related to the problem. A security-bypass vulnerability 2. An information-disclosure vulnerability 3. A memory-corruption vulnerability An attacker can leverage these issues to obtain sensitive information, execute arbitrary code, bypass security restrictions. Failed exploit attempts will likely result in denial-of-service conditions. in the United States. The former is an operating system developed for mobile devices; the latter is a dedicated operating system developed for Mac computers. iBooks is one of the e-book reading components

Trust: 1.98

sources: NVD: CVE-2015-7081 // JVNDB: JVNDB-2015-006322 // BID: 78730 // VULHUB: VHN-85042

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.1	Trust: 1.4
vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	9.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (iphone 4s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	9.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.11.2	Trust: 0.3
vendor:	apple	model:	mac os security update	scope:	ne	version:	x2015	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	9.2	Trust: 0.3

sources: BID: 78730 // JVNDB: JVNDB-2015-006322 // CNNVD: CNNVD-201512-369 // NVD: CVE-2015-7081

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7081
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-7081
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201512-369
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-85042
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-7081
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-85042
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-85042 // JVNDB: JVNDB-2015-006322 // CNNVD: CNNVD-201512-369 // NVD: CVE-2015-7081

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2015-006322 // NVD: CVE-2015-7081

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-369

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201512-369

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-006322

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html	Trust: 0.8
title:	APPLE-SA-2015-12-08-1 iOS 9.2	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html	Trust: 0.8
title:	HT205635	url:	https://support.apple.com/en-us/HT205635	Trust: 0.8
title:	HT205637	url:	https://support.apple.com/en-us/HT205637	Trust: 0.8
title:	HT205635	url:	http://support.apple.com/ja-jp/HT205635	Trust: 0.8
title:	HT205637	url:	http://support.apple.com/ja-jp/HT205637	Trust: 0.8
title:	Apple iOS and OS X iBooks Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59187	Trust: 0.6

sources: JVNDB: JVNDB-2015-006322 // CNNVD: CNNVD-201512-369

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7081	Trust: 2.8
db:	SECTRACK	id:	1034344	Trust: 1.1
db:	JVN	id:	JVNVU97526033	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-006322	Trust: 0.8
db:	CNNVD	id:	CNNVD-201512-369	Trust: 0.7
db:	BID	id:	78730	Trust: 0.3
db:	VULHUB	id:	VHN-85042	Trust: 0.1

sources: VULHUB: VHN-85042 // BID: 78730 // JVNDB: JVNDB-2015-006322 // CNNVD: CNNVD-201512-369 // NVD: CVE-2015-7081

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00000.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00005.html	Trust: 1.7
url:	https://support.apple.com/ht205635	Trust: 1.7
url:	https://support.apple.com/ht205637	Trust: 1.7
url:	http://www.securitytracker.com/id/1034344	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7081	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu97526033/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7081	Trust: 0.8
url:	http://www.apple.com/ios/	Trust: 0.3
url:	https://www.apple.com/osx/	Trust: 0.3
url:	http://www.apple.com/ipad/	Trust: 0.3
url:	http://www.apple.com/iphone/	Trust: 0.3
url:	http://www.apple.com/ipodtouch/	Trust: 0.3

sources: VULHUB: VHN-85042 // BID: 78730 // JVNDB: JVNDB-2015-006322 // CNNVD: CNNVD-201512-369 // NVD: CVE-2015-7081

CREDITS

Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea) and Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)

Trust: 0.3

sources: BID: 78730

SOURCES

db:	VULHUB	id:	VHN-85042
db:	BID	id:	78730
db:	JVNDB	id:	JVNDB-2015-006322
db:	CNNVD	id:	CNNVD-201512-369
db:	NVD	id:	CVE-2015-7081

LAST UPDATE DATE

2025-04-13T20:05:53.121000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-85042	date:	2017-09-13T00:00:00
db:	BID	id:	78730	date:	2015-12-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-006322	date:	2015-12-15T00:00:00
db:	CNNVD	id:	CNNVD-201512-369	date:	2015-12-14T00:00:00
db:	NVD	id:	CVE-2015-7081	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-85042	date:	2015-12-11T00:00:00
db:	BID	id:	78730	date:	2015-12-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-006322	date:	2015-12-15T00:00:00
db:	CNNVD	id:	CNNVD-201512-369	date:	2015-12-14T00:00:00
db:	NVD	id:	CVE-2015-7081	date:	2015-12-11T11:59:46.580