Lucene search

[email protected]CVE-2015-1097

HistoryApr 10, 2015 - 2:59 p.m.

CVE-2015-1097

2015-04-1014:59:13

CWE-200

[email protected]

web.nvd.nist.gov

cve-2015-1097

apple

ios

apple tv

security vulnerability

sensitive information

kernel memory

crafted app

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

4.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.9%

JSON

IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

Affected configurations

NVD

Node

appleiphone_osRange≤8.2

Node

appletvosRange≤7.1

CPENameOperatorVersion
apple:iphone_osapple iphone osle8.2

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	le	8.2

References

lists.apple.com/archives/security-announce/2015/Apr/msg00002.html

lists.apple.com/archives/security-announce/2015/Apr/msg00003.html

www.securityfocus.com/bid/73983

www.securitytracker.com/id/1032050

support.apple.com/HT204661

support.apple.com/HT204662

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

4.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.9%

JSON

Related for CVE-2015-1097

prion1 cvelist1 nvd1 securityvulns4 nessus1