var-201512-0156
Vulnerability from variot
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. Apple Xcode is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2015-12-08-6 Xcode 7.2
Xcode 7.2 is now available and addresses the following:
Git Available for: OS X Yosemite v10.10.5 or later Impact: Multiple vulnerabilities existed in Git Description: Multiple vulnerabilities existed in Git versions prior to 2.5.4. These were addressed by updating Git to version 2.5.4. CVE-ID CVE-2015-7082
IDE SCM Available for: OS X Yosemite v10.10.5 or later Impact: Intentionally untracked files may be uploaded to repositories Description: Xcode did not honor the .gitignore directive. This issue was addressed by adding support to honor .gitignore file. CVE-ID CVE-2015-7056 : Stephen Lardieri
otools Available for: OS X Yosemite v10.10.5 or later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team CVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team
Installation note:
Xcode 7.2 may be obtained from: https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "7.2".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau FNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4 Ofg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t 6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h 1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT rnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr HCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu PQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI gPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O pPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi 5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH ObtqW74YB0YXaiw1ckGl =FxUB -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0156", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "xcode", "scope": "lte", "trust": 1.0, "vendor": "apple", "version": "7.1.1" }, { "model": "xcode", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "7.2 (os x yosemite v10.10.5 or later )" }, { "model": "xcode", "scope": "eq", "trust": 0.6, "vendor": "apple", "version": "7.1.1" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.5.3" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.5.2" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.5.1" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.5" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.2.1" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.2" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.1.4" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.1.3" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.1" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.0.5" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.0.4" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "2.0" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.9.5" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.9.4" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.9" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.8.56" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.7.2" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.6.3.2" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.66" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.65" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.66" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.65" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.6.4" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.6.3" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.6" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.56" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.55" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.5" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.47" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.46" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.5.24" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.1.5" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.1.4" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.8.5.5" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.8.5.0" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.8.1.4" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.8.1.3" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.8" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.7.3.4" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.7.3.3" }, { "model": "git", "scope": "eq", "trust": 0.3, "vendor": "git", "version": "1.4.4.5" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.0.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.4.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "7.0" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.3" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.2" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "6.0" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.4" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.3" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.2" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.5" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.4" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.3" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.2" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.4" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.3" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.2" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.3" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "xcode", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.11.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.10.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.11" }, { "model": "git", "scope": "ne", "trust": 0.3, "vendor": "git", "version": "2.5.4" }, { "model": "xcode", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "7.2" } ], "sources": [ { "db": "BID", "id": "78727" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "NVD", "id": "CVE-2015-7057" }, { "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.1.1", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2015-7057" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Stephen Lardieri and Proteas of Qihoo 360 Nirvan Team", "sources": [ { "db": "BID", "id": "78727" } ], "trust": 0.3 }, "cve": "CVE-2015-7057", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.6, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2015-7057", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-85018", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2015-7057", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201512-346", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-85018", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2015-7057", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-85018" }, { "db": "VULMON", "id": "CVE-2015-7057" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "NVD", "id": "CVE-2015-7057" }, { "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. Apple Xcode is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2015-12-08-6 Xcode 7.2\n\nXcode 7.2 is now available and addresses the following:\n\nGit\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Multiple vulnerabilities existed in Git\nDescription: Multiple vulnerabilities existed in Git versions prior\nto 2.5.4. These were addressed by updating Git to version 2.5.4. \nCVE-ID\nCVE-2015-7082\n\nIDE SCM\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Intentionally untracked files may be uploaded to\nrepositories\nDescription: Xcode did not honor the .gitignore directive. This\nissue was addressed by adding support to honor .gitignore file. \nCVE-ID\nCVE-2015-7056 : Stephen Lardieri\n\notools\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nprocessing of mach-o files. These issues were addressed through\nimproved memory handling. \nCVE-ID\nCVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team\nCVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team\n\nInstallation note:\n\nXcode 7.2 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"7.2\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau\nFNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4\nOfg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t\n6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h\n1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT\nrnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr\nHCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu\nPQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI\ngPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O\npPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi\n5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH\nObtqW74YB0YXaiw1ckGl\n=FxUB\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2015-7057" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "BID", "id": "78727" }, { "db": "VULHUB", "id": "VHN-85018" }, { "db": "VULMON", "id": "CVE-2015-7057" }, { "db": "PACKETSTORM", "id": "134747" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-7057", "trust": 3.0 }, { "db": "SECTRACK", "id": "1034340", "trust": 1.2 }, { "db": "JVN", "id": "JVNVU97526033", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2015-006363", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201512-346", "trust": 0.7 }, { "db": "BID", "id": "78727", "trust": 0.4 }, { "db": "VULHUB", "id": "VHN-85018", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2015-7057", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "134747", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-85018" }, { "db": "VULMON", "id": "CVE-2015-7057" }, { "db": "BID", "id": "78727" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "PACKETSTORM", "id": "134747" }, { "db": "NVD", "id": "CVE-2015-7057" }, { "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "id": "VAR-201512-0156", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-85018" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:40:51.243000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Apple security updates", "trust": 0.8, "url": "https://support.apple.com/en-us/ht201222" }, { "title": "APPLE-SA-2015-12-08-6 Xcode 7.2", "trust": 0.8, "url": "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html" }, { "title": "HT205642", "trust": 0.8, "url": "https://support.apple.com/en-us/ht205642" }, { "title": "HT205642", "trust": 0.8, "url": "http://support.apple.com/ja-jp/ht205642" }, { "title": "Apple Xcode otools Buffer Overflow Vulnerability Fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59164" }, { "title": "Apple: Xcode 7.2", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=b0f396ef6a900924a1f83c1172e037b6" } ], "sources": [ { "db": "VULMON", "id": "CVE-2015-7057" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-85018" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "NVD", "id": "CVE-2015-7057" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html" }, { "trust": 1.8, "url": "https://support.apple.com/ht205642" }, { "trust": 1.2, "url": "http://www.securitytracker.com/id/1034340" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7057" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu97526033/" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7057" }, { "trust": 0.3, "url": "http://git.or.cz/" }, { "trust": 0.3, "url": "http://www.apple.com/macosx/" }, { "trust": 0.3, "url": "https://developer.apple.com/xcode/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://support.apple.com/kb/ht205642" }, { "trust": 0.1, "url": "https://www.securityfocus.com/bid/78727" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7057" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7082" }, { "trust": 0.1, "url": "https://support.apple.com/kb/ht201222" }, { "trust": 0.1, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.1, "url": "https://gpgtools.org" }, { "trust": 0.1, "url": "https://developer.apple.com/xcode/downloads/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7049" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7056" } ], "sources": [ { "db": "VULHUB", "id": "VHN-85018" }, { "db": "VULMON", "id": "CVE-2015-7057" }, { "db": "BID", "id": "78727" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "PACKETSTORM", "id": "134747" }, { "db": "NVD", "id": "CVE-2015-7057" }, { "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-85018" }, { "db": "VULMON", "id": "CVE-2015-7057" }, { "db": "BID", "id": "78727" }, { "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "db": "PACKETSTORM", "id": "134747" }, { "db": "NVD", "id": "CVE-2015-7057" }, { "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-12-11T00:00:00", "db": "VULHUB", "id": "VHN-85018" }, { "date": "2015-12-11T00:00:00", "db": "VULMON", "id": "CVE-2015-7057" }, { "date": "2015-12-08T00:00:00", "db": "BID", "id": "78727" }, { "date": "2015-12-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "date": "2015-12-10T17:11:47", "db": "PACKETSTORM", "id": "134747" }, { "date": "2015-12-11T11:59:23.117000", "db": "NVD", "id": "CVE-2015-7057" }, { "date": "2015-12-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-12-07T00:00:00", "db": "VULHUB", "id": "VHN-85018" }, { "date": "2016-12-07T00:00:00", "db": "VULMON", "id": "CVE-2015-7057" }, { "date": "2015-12-08T00:00:00", "db": "BID", "id": "78727" }, { "date": "2015-12-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-006363" }, { "date": "2016-12-07T18:22:22.417000", "db": "NVD", "id": "CVE-2015-7057" }, { "date": "2015-12-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201512-346" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201512-346" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple Xcode of otools Vulnerability gained in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-006363" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201512-346" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.