Lucene search
HistoryAug 16, 2015 - 11:59 p.m.
CVE-2015-3774
dictionary
apple os x
cve-2015-3774
https
man-in-the-middle
nvd
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
7.9 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
29.3%
The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.
Affected configurations
Node
applemac_os_xRange≤10.10.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:mac_os_x | apple mac os x | le | 10.10.4 |
Related
prion
prion
Design/Logic Flaw
2015-08-16 23:59:00
nvd
nvd
CVE-2015-3774
2015-08-16 23:59:47
cvelist
cvelist
CVE-2015-3774
2015-08-16 23:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-03 (Oct 2015)
2015-10-29 00:00:00
securityvulns
securityvulns
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2015-08-17 00:00:00
nessus
nessus
Mac OS X < 10.10.5 Multiple Vulnerabilities
2015-10-16 00:00:00
Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities
2015-08-17 00:00:00
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
7.9 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
29.3%
Related for CVE-2015-3774