Lucene search
HistoryAug 17, 2015 - 12:01 a.m.
CVE-2015-5784
cve-2015-5784
apple os x
privilege escalation
install.framework
10.10.5
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
67.8%
runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
Affected configurations
Node
applemac_os_xRange≤10.10.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:mac_os_x | apple mac os x | le | 10.10.4 |
Related
prion
prion
Design/Logic Flaw
2015-08-17 00:01:00
cvelist
cvelist
CVE-2015-5784
2015-08-16 23:00:00
zdt
zdt
nvd
nvd
CVE-2015-5784
2015-08-17 00:01:12
googleprojectzero
googleprojectzero
Revisiting Apple IPC: (1) Distributed Objects
2015-09-28 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-03 (Oct 2015)
2015-10-29 00:00:00
securityvulns
securityvulns
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2015-08-17 00:00:00
nessus
nessus
Mac OS X < 10.10.5 Multiple Vulnerabilities
2015-10-16 00:00:00
Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities
2015-08-17 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
67.8%
Related for CVE-2015-5784