|
272051
|
- |
|
apple
|
mac_os_x
|
Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.
|
CWE-77
Command Injection
|
CVE-2015-3716
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272052
|
- |
|
apple
|
mac_os_x
|
The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrict…
|
CWE-254
7PK - Security Features
|
CVE-2015-3715
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272053
|
- |
|
apple
|
mac_os_x
|
Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app.
|
CWE-254
7PK - Security Features
|
CVE-2015-3714
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272054
|
- |
|
apple
|
mac_os_x
quicktime
|
QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3713
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272055
|
- |
|
apple
|
mac_os_x
|
The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3712
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272056
|
- |
|
apple
|
mac_os_x
|
The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-3711
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272057
|
- |
|
apple
|
iphone_os
mac_os_x
|
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
|
CWE-254
7PK - Security Features
|
CVE-2015-3710
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272058
|
- |
|
apple
|
mac_os_x
|
Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.
|
CWE-362
Race Condition
|
CVE-2015-3709
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272059
|
- |
|
apple
|
mac_os_x
|
kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack.
|
NVD-CWE-Other
|
CVE-2015-3708
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272060
|
- |
|
apple
|
mac_os_x
|
The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a c…
|
NVD-CWE-Other
|
CVE-2015-3707
|
2024-11-21 11:29 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
