cvelistv5 - cve-2015-1116

CVE-2015-1116 (GCVE-0-2015-1116)

Vulnerability from cvelistv5 – Published: 2015-04-10 14:00 – Updated: 2024-08-06 04:33

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securitytracker.com/id/1032050	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/73978	vdb-entryx_refsource_BID
	https://support.apple.com/HT204661	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:33:20.394Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2015-04-08-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
          },
          {
            "name": "1032050",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032050"
          },
          {
            "name": "73978",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/73978"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT204661"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-30T16:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2015-04-08-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
        },
        {
          "name": "1032050",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032050"
        },
        {
          "name": "73978",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/73978"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT204661"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2015-1116",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2015-04-08-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
            },
            {
              "name": "1032050",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032050"
            },
            {
              "name": "73978",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/73978"
            },
            {
              "name": "https://support.apple.com/HT204661",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT204661"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2015-1116",
    "datePublished": "2015-04-10T14:00:00",
    "dateReserved": "2015-01-16T00:00:00",
    "dateUpdated": "2024-08-06T04:33:20.394Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.2\", \"matchCriteriaId\": \"C0340315-35F7-4736-854B-852916D00673\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen.\"}, {\"lang\": \"es\", \"value\": \"El componente UIKit View en Apple iOS anterior a 8.3 muestra instant\\u00e1neas no borrosas de aplicaciones en Task Switcher, lo que facilita a atacantes f\\u00edsicamente pr\\u00f3ximos obtener informaci\\u00f3n sensible mediante la lectura de la pantalla del sipositivo.\"}]",
      "id": "CVE-2015-1116",
      "lastModified": "2024-11-21T02:24:42.353",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-04-10T14:59:30.887",
      "references": "[{\"url\": \"http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/73978\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://www.securitytracker.com/id/1032050\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/HT204661\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/73978\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1032050\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT204661\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "product-security@apple.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-1116\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2015-04-10T14:59:30.887\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen.\"},{\"lang\":\"es\",\"value\":\"El componente UIKit View en Apple iOS anterior a 8.3 muestra instant\u00e1neas no borrosas de aplicaciones en Task Switcher, lo que facilita a atacantes f\u00edsicamente pr\u00f3ximos obtener informaci\u00f3n sensible mediante la lectura de la pantalla del sipositivo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2\",\"matchCriteriaId\":\"C0340315-35F7-4736-854B-852916D00673\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/73978\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id/1032050\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/HT204661\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/73978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032050\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT204661\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2015-1116

Vulnerability from fkie_nvd - Published: 2015-04-10 14:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html	Vendor Advisory
product-security@apple.com	http://www.securityfocus.com/bid/73978
product-security@apple.com	http://www.securitytracker.com/id/1032050
product-security@apple.com	https://support.apple.com/HT204661	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/73978
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032050
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT204661	Vendor Advisory

Impacted products

	Vendor	Product	Version
	apple	iphone_os	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0340315-35F7-4736-854B-852916D00673",
              "versionEndIncluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen."
    },
    {
      "lang": "es",
      "value": "El componente UIKit View en Apple iOS anterior a 8.3 muestra instant\u00e1neas no borrosas de aplicaciones en Task Switcher, lo que facilita a atacantes f\u00edsicamente pr\u00f3ximos obtener informaci\u00f3n sensible mediante la lectura de la pantalla del sipositivo."
    }
  ],
  "id": "CVE-2015-1116",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-04-10T14:59:30.887",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securityfocus.com/bid/73978"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securitytracker.com/id/1032050"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT204661"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/73978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT204661"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-JWQ9-7674-WMGG

Vulnerability from github – Published: 2022-05-17 03:10 – Updated: 2022-05-17 03:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-1116"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-04-10T14:59:00Z",
    "severity": "LOW"
  },
  "details": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen.",
  "id": "GHSA-jwq9-7674-wmgg",
  "modified": "2022-05-17T03:10:03Z",
  "published": "2022-05-17T03:10:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1116"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT204661"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/73978"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032050"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2015-AVI-147

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple iOS versions antérieures à 8.3
Apple	N/A	Apple TV versions antérieures à 7.2
Apple	N/A	Apple Xcode versions antérieures à 6.3

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT204662 du 08 avril 2015	None	vendor-advisory
Bulletin de sécurité Apple HT204661 du 08 avril 2015	None	vendor-advisory
Bulletin de sécurité Apple HT204663 du 08 avril 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple iOS versions ant\u00e9rieures \u00e0 8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple TV versions ant\u00e9rieures \u00e0 7.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Xcode versions ant\u00e9rieures \u00e0 6.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1076"
    },
    {
      "name": "CVE-2015-1126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1126"
    },
    {
      "name": "CVE-2015-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1073"
    },
    {
      "name": "CVE-2015-1095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1095"
    },
    {
      "name": "CVE-2015-1098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1098"
    },
    {
      "name": "CVE-2015-1125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1125"
    },
    {
      "name": "CVE-2015-1115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1115"
    },
    {
      "name": "CVE-2015-1084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1084"
    },
    {
      "name": "CVE-2015-1092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1092"
    },
    {
      "name": "CVE-2015-1107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1107"
    },
    {
      "name": "CVE-2015-1122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1122"
    },
    {
      "name": "CVE-2015-1117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1117"
    },
    {
      "name": "CVE-2015-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1078"
    },
    {
      "name": "CVE-2015-1096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1096"
    },
    {
      "name": "CVE-2015-1104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1104"
    },
    {
      "name": "CVE-2015-1105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1105"
    },
    {
      "name": "CVE-2015-1103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1103"
    },
    {
      "name": "CVE-2015-1106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1106"
    },
    {
      "name": "CVE-2015-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1074"
    },
    {
      "name": "CVE-2015-1070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1070"
    },
    {
      "name": "CVE-2015-1113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1113"
    },
    {
      "name": "CVE-2015-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1077"
    },
    {
      "name": "CVE-2015-1093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1093"
    },
    {
      "name": "CVE-2015-1102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1102"
    },
    {
      "name": "CVE-2015-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1118"
    },
    {
      "name": "CVE-2015-1085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1085"
    },
    {
      "name": "CVE-2015-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1081"
    },
    {
      "name": "CVE-2015-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1079"
    },
    {
      "name": "CVE-2015-1091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1091"
    },
    {
      "name": "CVE-2015-1068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1068"
    },
    {
      "name": "CVE-2015-1120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1120"
    },
    {
      "name": "CVE-2015-1082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1082"
    },
    {
      "name": "CVE-2015-1100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1100"
    },
    {
      "name": "CVE-2015-1097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1097"
    },
    {
      "name": "CVE-2015-1087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1087"
    },
    {
      "name": "CVE-2015-1088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1088"
    },
    {
      "name": "CVE-2015-1094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1094"
    },
    {
      "name": "CVE-2015-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1071"
    },
    {
      "name": "CVE-2015-1099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1099"
    },
    {
      "name": "CVE-2015-1072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1072"
    },
    {
      "name": "CVE-2015-1101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1101"
    },
    {
      "name": "CVE-2015-1090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1090"
    },
    {
      "name": "CVE-2015-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1089"
    },
    {
      "name": "CVE-2015-1080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1080"
    },
    {
      "name": "CVE-2015-1112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1112"
    },
    {
      "name": "CVE-2015-1119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1119"
    },
    {
      "name": "CVE-2015-1110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1110"
    },
    {
      "name": "CVE-2015-1111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1111"
    },
    {
      "name": "CVE-2015-1124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1124"
    },
    {
      "name": "CVE-2015-1086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1086"
    },
    {
      "name": "CVE-2015-1121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1121"
    },
    {
      "name": "CVE-2015-1108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1108"
    },
    {
      "name": "CVE-2015-1123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1123"
    },
    {
      "name": "CVE-2015-1149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1149"
    },
    {
      "name": "CVE-2015-1116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1116"
    },
    {
      "name": "CVE-2015-1083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1083"
    },
    {
      "name": "CVE-2015-1109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1109"
    },
    {
      "name": "CVE-2015-1114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1114"
    },
    {
      "name": "CVE-2015-1069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1069"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-147",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-04-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une\nex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204662 du 08 avril 2015",
      "url": "https://support.apple.com/en-us/HT204662"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204661 du 08 avril 2015",
      "url": "https://support.apple.com/en-us/HT204661"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204663 du 08 avril 2015",
      "url": "https://support.apple.com/en-us/HT204663"
    }
  ]
}

CERTFR-2015-AVI-147

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple iOS versions antérieures à 8.3
Apple	N/A	Apple TV versions antérieures à 7.2
Apple	N/A	Apple Xcode versions antérieures à 6.3

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT204662 du 08 avril 2015	None	vendor-advisory
Bulletin de sécurité Apple HT204661 du 08 avril 2015	None	vendor-advisory
Bulletin de sécurité Apple HT204663 du 08 avril 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple iOS versions ant\u00e9rieures \u00e0 8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple TV versions ant\u00e9rieures \u00e0 7.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Xcode versions ant\u00e9rieures \u00e0 6.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1076"
    },
    {
      "name": "CVE-2015-1126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1126"
    },
    {
      "name": "CVE-2015-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1073"
    },
    {
      "name": "CVE-2015-1095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1095"
    },
    {
      "name": "CVE-2015-1098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1098"
    },
    {
      "name": "CVE-2015-1125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1125"
    },
    {
      "name": "CVE-2015-1115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1115"
    },
    {
      "name": "CVE-2015-1084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1084"
    },
    {
      "name": "CVE-2015-1092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1092"
    },
    {
      "name": "CVE-2015-1107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1107"
    },
    {
      "name": "CVE-2015-1122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1122"
    },
    {
      "name": "CVE-2015-1117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1117"
    },
    {
      "name": "CVE-2015-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1078"
    },
    {
      "name": "CVE-2015-1096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1096"
    },
    {
      "name": "CVE-2015-1104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1104"
    },
    {
      "name": "CVE-2015-1105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1105"
    },
    {
      "name": "CVE-2015-1103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1103"
    },
    {
      "name": "CVE-2015-1106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1106"
    },
    {
      "name": "CVE-2015-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1074"
    },
    {
      "name": "CVE-2015-1070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1070"
    },
    {
      "name": "CVE-2015-1113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1113"
    },
    {
      "name": "CVE-2015-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1077"
    },
    {
      "name": "CVE-2015-1093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1093"
    },
    {
      "name": "CVE-2015-1102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1102"
    },
    {
      "name": "CVE-2015-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1118"
    },
    {
      "name": "CVE-2015-1085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1085"
    },
    {
      "name": "CVE-2015-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1081"
    },
    {
      "name": "CVE-2015-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1079"
    },
    {
      "name": "CVE-2015-1091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1091"
    },
    {
      "name": "CVE-2015-1068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1068"
    },
    {
      "name": "CVE-2015-1120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1120"
    },
    {
      "name": "CVE-2015-1082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1082"
    },
    {
      "name": "CVE-2015-1100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1100"
    },
    {
      "name": "CVE-2015-1097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1097"
    },
    {
      "name": "CVE-2015-1087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1087"
    },
    {
      "name": "CVE-2015-1088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1088"
    },
    {
      "name": "CVE-2015-1094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1094"
    },
    {
      "name": "CVE-2015-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1071"
    },
    {
      "name": "CVE-2015-1099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1099"
    },
    {
      "name": "CVE-2015-1072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1072"
    },
    {
      "name": "CVE-2015-1101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1101"
    },
    {
      "name": "CVE-2015-1090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1090"
    },
    {
      "name": "CVE-2015-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1089"
    },
    {
      "name": "CVE-2015-1080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1080"
    },
    {
      "name": "CVE-2015-1112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1112"
    },
    {
      "name": "CVE-2015-1119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1119"
    },
    {
      "name": "CVE-2015-1110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1110"
    },
    {
      "name": "CVE-2015-1111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1111"
    },
    {
      "name": "CVE-2015-1124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1124"
    },
    {
      "name": "CVE-2015-1086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1086"
    },
    {
      "name": "CVE-2015-1121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1121"
    },
    {
      "name": "CVE-2015-1108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1108"
    },
    {
      "name": "CVE-2015-1123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1123"
    },
    {
      "name": "CVE-2015-1149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1149"
    },
    {
      "name": "CVE-2015-1116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1116"
    },
    {
      "name": "CVE-2015-1083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1083"
    },
    {
      "name": "CVE-2015-1109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1109"
    },
    {
      "name": "CVE-2015-1114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1114"
    },
    {
      "name": "CVE-2015-1069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1069"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-147",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-04-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une\nex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204662 du 08 avril 2015",
      "url": "https://support.apple.com/en-us/HT204662"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204661 du 08 avril 2015",
      "url": "https://support.apple.com/en-us/HT204661"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204663 du 08 avril 2015",
      "url": "https://support.apple.com/en-us/HT204663"
    }
  ]
}

CNVD-2015-02308

Vulnerability from cnvd - Published: 2015-04-13

Title

Apple iOS Task Switcher敏感信息泄露漏洞

Description

Apple iOS是一款运行在苹果iPhone和iPod touch设备上的最新的操作系统。 Apple iOS UIKit存在安全漏洞。远程攻击者可利用漏洞使应用程序快照中的数据暴露到Task Switcher中，从而获取敏感信息。

Severity

低

Patch Name

Apple iOS Task Switcher敏感信息泄露漏洞的补丁

Patch Description

Apple iOS是一款运行在苹果iPhone和iPod touch设备上的最新的操作系统。 Apple iOS UIKit存在安全漏洞。远程攻击者可利用漏洞使应用程序快照中的数据暴露到Task Switcher中，从而获取敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

Apple iOS 8.3已经修复该漏洞，建议用户下载更新： https://www.apple.com

Reference

https://support.apple.com/en-us/HT204661

Impacted products

Name
['Apple iPad >=2', 'Apple iPhone >= 4s', 'Apple iPod Touch >= 5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-1116"
    }
  },
  "description": "Apple iOS\u662f\u4e00\u6b3e\u8fd0\u884c\u5728\u82f9\u679ciPhone\u548ciPod touch\u8bbe\u5907\u4e0a\u7684\u6700\u65b0\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple iOS UIKit\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5feb\u7167\u4e2d\u7684\u6570\u636e\u66b4\u9732\u5230Task Switcher\u4e2d\uff0c\u4ece\u800c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "HP Security Voltage, Aaron Rogers of Mint.com, David Edwards of Tech4Tomorrow, David Zhang of Dropbox",
  "formalWay": "Apple iOS 8.3\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttps://www.apple.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-02308",
  "openTime": "2015-04-13",
  "patchDescription": "Apple iOS\u662f\u4e00\u6b3e\u8fd0\u884c\u5728\u82f9\u679ciPhone\u548ciPod touch\u8bbe\u5907\u4e0a\u7684\u6700\u65b0\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple iOS UIKit\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5feb\u7167\u4e2d\u7684\u6570\u636e\u66b4\u9732\u5230Task Switcher\u4e2d\uff0c\u4ece\u800c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apple iOS Task Switcher\u654f\u611f\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apple iPad \u003e=2",
      "Apple iPhone \u003e= 4s",
      "Apple iPod Touch \u003e= 5"
    ]
  },
  "referenceLink": "https://support.apple.com/en-us/HT204661",
  "serverity": "\u4f4e",
  "submitTime": "2015-04-09",
  "title": "Apple iOS Task Switcher\u654f\u611f\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

VAR-201504-0132

Vulnerability from variot - Updated: 2023-12-18 10:46

The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to gain sensitive information, perform unauthorized actions, bypass security restrictions, and perform other attacks. These issues affect iOS versions prior to 8.3. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. UIKit View is one of the lightweight, modular front-end framework components. The vulnerability is caused by the program displaying a clear snapshot of the application in the Task Switcher

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201504-0132",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iphone os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.3   (ipad 2 or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.3   (iphone 4s or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.3   (ipod touch first  5 after generation )"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "73978"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TaiG Jailbreak Team, Jarrod Dwenger, Steve Favorito, Paul Reedy of ConocoPhillips, Pedro Tavares of Molecular Biophysics at UCIBIO/FCT/UNL, De Paul Sunny, Christian Still of Evolve Media, Canada, Brent Erickson, Stuart Ryan of University of Technology, Syd",
    "sources": [
      {
        "db": "BID",
        "id": "73978"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-1116",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 2.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2015-1116",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-79076",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-1116",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201504-141",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-79076",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen. Apple iOS is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to gain sensitive information, perform unauthorized actions, bypass security restrictions, and perform other attacks. \nThese issues affect iOS versions prior to 8.3. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. UIKit View is one of the lightweight, modular front-end framework components. The vulnerability is caused by the program displaying a clear snapshot of the application in the Task Switcher",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "db": "BID",
        "id": "73978"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79076"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-1116",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "73978",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1032050",
        "trust": 1.1
      },
      {
        "db": "JVN",
        "id": "JVNVU91828320",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-79076",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79076"
      },
      {
        "db": "BID",
        "id": "73978"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ]
  },
  "id": "VAR-201504-0132",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79076"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T10:46:48.715000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2015-04-08-3 iOS 8.3",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00002.html"
      },
      {
        "title": "HT204661",
        "trust": 0.8,
        "url": "http://support.apple.com/en-us/ht204661"
      },
      {
        "title": "HT204661",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/ht204661"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00002.html"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/ht204661"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/73978"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1032050"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1116"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu91828320/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1116"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ios/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ipad/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/iphone/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ipodtouch/"
      },
      {
        "trust": 0.3,
        "url": "https://support.apple.com/en-us/ht204661"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79076"
      },
      {
        "db": "BID",
        "id": "73978"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-79076"
      },
      {
        "db": "BID",
        "id": "73978"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-79076"
      },
      {
        "date": "2015-04-08T00:00:00",
        "db": "BID",
        "id": "73978"
      },
      {
        "date": "2015-04-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "date": "2015-04-10T14:59:30.887000",
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "date": "2015-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-01-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-79076"
      },
      {
        "date": "2015-05-07T17:36:00",
        "db": "BID",
        "id": "73978"
      },
      {
        "date": "2015-04-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      },
      {
        "date": "2017-01-03T02:59:45.380000",
        "db": "NVD",
        "id": "CVE-2015-1116"
      },
      {
        "date": "2015-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple iOS of  UIKit View Vulnerabilities that can capture important information in components",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002152"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-141"
      }
    ],
    "trust": 0.6
  }
}

GSD-2015-1116

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-1116

Aliases

CVE-2015-1116

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-1116",
    "description": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen.",
    "id": "GSD-2015-1116"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-1116"
      ],
      "details": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen.",
      "id": "GSD-2015-1116",
      "modified": "2023-12-13T01:20:04.912808Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2015-1116",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "APPLE-SA-2015-04-08-3",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
          },
          {
            "name": "1032050",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1032050"
          },
          {
            "name": "73978",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/73978"
          },
          {
            "name": "https://support.apple.com/HT204661",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT204661"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2015-1116"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2015-04-08-3",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
            },
            {
              "name": "https://support.apple.com/HT204661",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT204661"
            },
            {
              "name": "1032050",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1032050"
            },
            {
              "name": "73978",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/73978"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-01-03T02:59Z",
      "publishedDate": "2015-04-10T14:59Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-1116 (GCVE-0-2015-1116)

FKIE_CVE-2015-1116

GHSA-JWQ9-7674-WMGG

CERTFR-2015-AVI-147

Solution

CERTFR-2015-AVI-147

Solution

CNVD-2015-02308

VAR-201504-0132

GSD-2015-1116

Tags

Sightings

Nomenclature