VAR-201507-0443
Vulnerability from variot - Updated: 2023-12-18 10:52Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of data fork font suitcase files. The issue lies in the parsing of the 'FOND' table. An attacker can leverage this vulnerability to execute code under the context of the current user. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201507-0443",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.3"
},
{
"model": "os x",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.10.3"
},
{
"model": "quicktime",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "quicktime",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.4"
},
{
"model": "quicktime",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "quicktime",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"db": "BID",
"id": "75493"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.10.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3680"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pawel Wylecial",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-284"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3680",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-3680",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-81641",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-3680",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2015-3680",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-041",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81641",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-3680",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"db": "VULHUB",
"id": "VHN-81641"
},
{
"db": "VULMON",
"id": "CVE-2015-3680"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of data fork font suitcase files. The issue lies in the parsing of the \u0027FOND\u0027 table. An attacker can leverage this vulnerability to execute code under the context of the current user. Apple Mac OS X is prone to multiple security vulnerabilities. \nThe update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. \nAttackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. \nThese issues affect OS X prior to 10.10.4",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"db": "BID",
"id": "75493"
},
{
"db": "VULHUB",
"id": "VHN-81641"
},
{
"db": "VULMON",
"id": "CVE-2015-3680"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3680",
"trust": 3.6
},
{
"db": "BID",
"id": "75493",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1032760",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2781",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-284",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201507-041",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81641",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3680",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"db": "VULHUB",
"id": "VHN-81641"
},
{
"db": "VULMON",
"id": "CVE-2015-3680"
},
{
"db": "BID",
"id": "75493"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"id": "VAR-201507-0443",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81641"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:52:12.799000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
},
{
"title": "HT204942",
"trust": 0.8,
"url": "http://support.apple.com/en-us/ht204942"
},
{
"title": "HT204942",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/ht204942"
},
{
"title": "Apple has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://support.apple.com/kb/ht201222"
},
{
"title": "quicktime7.7.7_installer",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=56517"
},
{
"title": "osxupd10.10.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=56516"
},
{
"title": "iPhone7,1_8.4_12H143_Restore",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=56515"
},
{
"title": "Apple: OS X Yosemite v10.10.4 and Security Update 2015-005",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=50398602701d671602946005c7864211"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"db": "VULMON",
"id": "CVE-2015-3680"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81641"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "NVD",
"id": "CVE-2015-3680"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://support.apple.com/kb/ht204942"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/75493"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032760"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3680"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3680"
},
{
"trust": 0.7,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/apple-osx-adminframework-cve-2015-3718"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39581"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"db": "VULHUB",
"id": "VHN-81641"
},
{
"db": "VULMON",
"id": "CVE-2015-3680"
},
{
"db": "BID",
"id": "75493"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"db": "VULHUB",
"id": "VHN-81641"
},
{
"db": "VULMON",
"id": "CVE-2015-3680"
},
{
"db": "BID",
"id": "75493"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-01T00:00:00",
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"date": "2015-07-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81641"
},
{
"date": "2015-07-03T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3680"
},
{
"date": "2015-06-30T00:00:00",
"db": "BID",
"id": "75493"
},
{
"date": "2015-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"date": "2015-07-03T01:59:36.150000",
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"date": "2015-07-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-01T00:00:00",
"db": "ZDI",
"id": "ZDI-15-284"
},
{
"date": "2017-09-22T00:00:00",
"db": "VULHUB",
"id": "VHN-81641"
},
{
"date": "2017-09-22T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3680"
},
{
"date": "2015-07-15T00:57:00",
"db": "BID",
"id": "75493"
},
{
"date": "2015-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003379"
},
{
"date": "2017-09-22T01:29:13.217000",
"db": "NVD",
"id": "CVE-2015-3680"
},
{
"date": "2015-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple OS X of Apple Type Services Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003379"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-041"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…