ID CVE-2015-5791 Type cve Reporter NVD Modified 2016-12-21T22:00:06
Description
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
{"title": "CVE-2015-5791", "reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 6.8}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310805989", "OPENVAS:1361412562310806063"]}, {"type": "nessus", "idList": ["MACOSX_SAFARI9_0.NASL", "ITUNES_12_3_0_BANNER.NASL", "ITUNES_12_3_0.NASL", "MACOSX_10_11.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32519", "SECURITYVULNS:VULN:14698", "SECURITYVULNS:VULN:14700", "SECURITYVULNS:DOC:32517", "SECURITYVULNS:DOC:32514", "SECURITYVULNS:VULN:14696"]}, {"type": "kaspersky", "idList": ["KLA10669"]}], "modified": "2017-04-18T15:57:40"}, "vulnersScore": 6.8}, "published": "2015-09-18T06:59:10", "cvelist": ["CVE-2015-5791"], "viewCount": 9, "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5791", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "fdc96af1daa4014ef8b572d579bd6815", "key": "cpe"}, {"hash": "b884a4b0f52bc37ed65db273407ed7ad", "key": "cvelist"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "a5129dce1fb2b31bcab4018a5040c3bd", "key": "description"}, {"hash": "ed35cc2741941d4e5de24133712fd0b4", "key": "href"}, {"hash": "d8c036d552ea849c4cc455aea02d5ec1", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "7484733d15969b5dae51f49e3539c124", "key": "published"}, {"hash": "05b92e251164e97a13ad632e8791baba", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "748f911aa3589f249ed0daa2eaa0054b", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2015-09-18T06:59:10", "cvelist": ["CVE-2015-5791"], "title": "CVE-2015-5791", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5791", "bulletinFamily": "NVD", "id": "CVE-2015-5791", "history": [], "scanner": [], "cpe": ["cpe:/a:apple:itunes:12.2", "cpe:/a:apple:safari:8.0.8", "cpe:/o:apple:iphone_os:8.4.1"], "modified": "2015-10-20T12:16:51", "hash": "d046a8dca881b071d34680c8458d5d24145b595a3ef6566d2a67792bb87c7183", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "viewCount": 0, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["https://support.apple.com/HT205221", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html", "https://support.apple.com/HT205212", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html", "https://support.apple.com/HT205265"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "fdc96af1daa4014ef8b572d579bd6815", "key": "cpe"}, {"hash": "748f911aa3589f249ed0daa2eaa0054b", "key": "title"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "b884a4b0f52bc37ed65db273407ed7ad", "key": "cvelist"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "a5129dce1fb2b31bcab4018a5040c3bd", "key": "description"}, {"hash": "ed35cc2741941d4e5de24133712fd0b4", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "14d646cbfc358b3e416dd95fc9249a61", "key": "modified"}, {"hash": "7484733d15969b5dae51f49e3539c124", "key": "published"}, {"hash": "a42e4c038c8309149cac4248f1fa18ad", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}], "lastseen": "2016-09-03T22:57:20", "description": "WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3."}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T22:57:20"}], "scanner": [], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "modified": "2016-12-21T22:00:06", "hash": "baf61c305630bf2e243b30c314ac513396f14f9814d28f688ae0cf7d3d966930", "cpe": ["cpe:/a:apple:itunes:12.2", "cpe:/a:apple:safari:8.0.8", "cpe:/o:apple:iphone_os:8.4.1"], "edition": 2, "description": "WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.", "references": ["https://support.apple.com/HT205221", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html", "http://www.securitytracker.com/id/1033609", "http://www.securityfocus.com/bid/76763", "https://support.apple.com/HT205212", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html", "https://support.apple.com/HT205265"], "id": "CVE-2015-5791", "lastseen": "2017-04-18T15:57:40", "assessment": {"name": "", "href": "", "system": ""}}
{"openvas": [{"lastseen": "2018-11-19T13:01:08", "bulletinFamily": "scanner", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "modified": "2018-11-16T00:00:00", "published": "2015-10-13T00:00:00", "id": "OPENVAS:1361412562310805989", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805989", "title": "Apple Safari Multiple Vulnerabilities-01 Oct15 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_mult_vuln_oct15_macosx.nasl 12391 2018-11-16 16:12:15Z cfischer $\n#\n# Apple Safari Multiple Vulnerabilities-01 Oct15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805989\");\n script_version(\"$Revision: 12391 $\");\n script_cve_id(\"CVE-2015-5764\", \"CVE-2015-5765\", \"CVE-2015-5767\", \"CVE-2015-5780\",\n \"CVE-2015-5788\", \"CVE-2015-5789\", \"CVE-2015-5790\", \"CVE-2015-5791\",\n \"CVE-2015-5792\", \"CVE-2015-5793\", \"CVE-2015-5794\", \"CVE-2015-5795\",\n \"CVE-2015-5796\", \"CVE-2015-5797\", \"CVE-2015-5798\", \"CVE-2015-5799\",\n \"CVE-2015-5800\", \"CVE-2015-5801\", \"CVE-2015-5802\", \"CVE-2015-5803\",\n \"CVE-2015-5804\", \"CVE-2015-5805\", \"CVE-2015-5806\", \"CVE-2015-5807\",\n \"CVE-2015-5808\", \"CVE-2015-5809\", \"CVE-2015-5810\", \"CVE-2015-5811\",\n \"CVE-2015-5812\", \"CVE-2015-5813\", \"CVE-2015-5814\", \"CVE-2015-5815\",\n \"CVE-2015-5816\", \"CVE-2015-5817\", \"CVE-2015-5818\", \"CVE-2015-5819\",\n \"CVE-2015-5821\", \"CVE-2015-5822\", \"CVE-2015-5823\", \"CVE-2015-3801\",\n \"CVE-2015-5825\", \"CVE-2015-5820\", \"CVE-2015-5826\", \"CVE-2015-5827\",\n \"CVE-2015-5828\");\n script_bugtraq_id(76764, 76766, 76763, 76765);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 17:12:15 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 13:40:06 +0530 (Tue, 13 Oct 2015)\");\n script_name(\"Apple Safari Multiple Vulnerabilities-01 Oct15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists as,\n\n - Multiple user interface inconsistencies exists which can allow a malicious\n website to display an arbitrary URL.\n\n - A validated, user-installed Safari extension could be replaced on disk\n without prompting the user.\n\n - A race condition existed in validation of image origins.\n\n - Multiple memory corruption issues existed in WebKit.\n\n - WebKit would accept multiple cookies to be set in the 'document.cookie' API.\n\n - WebKit's Performance API could have allowed a malicious website to leak\n browsing history, network activity, and mouse movements by measuring time.\n\n - An issue existed in handling of tel://, facetime://, and facetime-audio:// URLs.\n\n - Safari allowed cross-origin stylesheets to be loaded with non-CSS MIME types\n which could be used for cross-origin data exfiltration.\n\n - An object leak issue broke the isolation boundary between origins.\n\n - The Safari plugins API did not communicate to plugins that a server-side\n redirect had happened.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct spoofing attacks, replace genuine extensions, bypass security\n restrictions, conduct denial-of-service attack, arbitrary code execution, gain\n access to sensitive information or url redirection.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 9.0\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 9.0 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT205265\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://www.apple.com/support\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"9.0\"))\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + \"9.0\" + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:38:27", "bulletinFamily": "scanner", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2015-10-01T00:00:00", "id": "OPENVAS:1361412562310806063", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806063", "title": "Apple iTunes Multiple Vulnerabilities Sep15 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_itunes_mult_vuln_sep15.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Apple iTunes Multiple Vulnerabilities Sep15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806063\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-1157\", \"CVE-2015-3686\", \"CVE-2015-3687\", \"CVE-2015-3688\",\n \"CVE-2015-5755\", \"CVE-2015-5761\", \"CVE-2015-5874\", \"CVE-2014-8146\",\n \"CVE-2015-1205\", \"CVE-2010-3190\", \"CVE-2015-1152\", \"CVE-2015-1153\",\n \"CVE-2015-3730\", \"CVE-2015-3731\", \"CVE-2015-3733\", \"CVE-2015-3734\",\n \"CVE-2015-3735\", \"CVE-2015-3736\", \"CVE-2015-3737\", \"CVE-2015-3738\",\n \"CVE-2015-3739\", \"CVE-2015-3740\", \"CVE-2015-3741\", \"CVE-2015-3742\",\n \"CVE-2015-3743\", \"CVE-2015-3744\", \"CVE-2015-3745\", \"CVE-2015-3746\",\n \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-5823\", \"CVE-2015-5920\",\n \"CVE-2015-3749\", \"CVE-2015-5789\", \"CVE-2015-5790\", \"CVE-2015-5791\",\n \"CVE-2015-5792\", \"CVE-2015-5793\", \"CVE-2015-5794\", \"CVE-2015-5795\",\n \"CVE-2015-5796\", \"CVE-2015-5797\", \"CVE-2015-5798\", \"CVE-2015-5799\",\n \"CVE-2015-5800\", \"CVE-2015-5801\", \"CVE-2015-5802\", \"CVE-2015-5803\",\n \"CVE-2015-5804\", \"CVE-2015-5805\", \"CVE-2015-5806\", \"CVE-2015-5807\",\n \"CVE-2015-5808\", \"CVE-2015-5809\", \"CVE-2015-5810\", \"CVE-2015-5811\",\n \"CVE-2015-5812\", \"CVE-2015-5813\", \"CVE-2015-5814\", \"CVE-2015-5815\",\n \"CVE-2015-5816\", \"CVE-2015-5817\", \"CVE-2015-5818\", \"CVE-2015-5819\",\n \"CVE-2015-5821\", \"CVE-2015-5822\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 10:34:38 +0530 (Thu, 01 Oct 2015)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities Sep15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple memory corruption issues in the processing of unicode strings.\n\n - Multiple memory corruption issues in the processing of text files.\n\n - A security issue in Microsoft Foundation Class's handling of library loading.\n\n - Multiple memory corruption issues in WebKit.\n\n - A redirection issue in the handling of certain network connections.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attacker to obtain encrypted SMB credentials, to cause unexpected application\n termination or arbitrary code execution, .\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.3 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.3 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT201222\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n script_xref(name:\"URL\", value:\"http://www.apple.com/itunes\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ituneVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\n## Check for Apple iTunes vulnerable versions\nif(version_is_less(version:ituneVer, test_version:\"12.3\"))\n{\n report = 'Installed version: ' + ituneVer + '\\n' +\n 'Fixed version: 12.3 \\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:25:09", "bulletinFamily": "scanner", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 9.0. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins", "modified": "2018-07-14T00:00:00", "id": "MACOSX_SAFARI9_0.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86252", "published": "2015-10-02T00:00:00", "title": "Mac OS X : Apple Safari < 9.0 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86252);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2015-3801\",\n \"CVE-2015-5764\",\n \"CVE-2015-5765\",\n \"CVE-2015-5767\",\n \"CVE-2015-5780\",\n \"CVE-2015-5788\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5820\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5825\",\n \"CVE-2015-5826\",\n \"CVE-2015-5827\",\n \"CVE-2015-5828\"\n );\n script_bugtraq_id(76764);\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-30-2\");\n\n script_name(english:\"Mac OS X : Apple Safari < 9.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web browser installed is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 9.0. It is, therefore, affected by multiple vulnerabilities\nin the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205265\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari version 9.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.(9|10|11)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.9 / 10.10 / 10.11\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"9.0\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:25:17", "bulletinFamily": "scanner", "description": "The version of Apple iTunes running on the remote host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the WebKit, CoreText, and ICU components, and in the bundled version of the Microsoft Visual Studio C++ Redistributable Package. An attacker can exploit these vulnerabilities to cause a denial of service, execute arbitrary code, or gain access to encrypted SMB credentials.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-12T00:00:00", "id": "ITUNES_12_3_0_BANNER.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86601", "published": "2015-10-26T00:00:00", "title": "Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86601);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2010-3190\",\n \"CVE-2014-8146\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1157\",\n \"CVE-2015-1205\",\n \"CVE-2015-3686\",\n \"CVE-2015-3687\",\n \"CVE-2015-3688\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-5755\",\n \"CVE-2015-5761\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5874\",\n \"CVE-2015-5920\"\n );\n script_bugtraq_id(\n 42811,\n 72288,\n 74457,\n 74523,\n 74525,\n 75491,\n 76338,\n 76343,\n 76763,\n 76764,\n 76765,\n 76766\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-16-3\");\n script_xref(name:\"IAVB\", value:\"2011-B-0046\");\n\n script_name(english:\"Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.3. It is, therefore, affected by multiple vulnerabilities in the\nWebKit, CoreText, and ICU components, and in the bundled version of\nthe Microsoft Visual Studio C++ Redistributable Package. An attacker\ncan exploit these vulnerabilities to cause a denial of service,\nexecute arbitrary code, or gain access to encrypted SMB credentials.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205221\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb0bd3a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.3.0.44\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:25:04", "bulletinFamily": "scanner", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the bundled versions of WebKit, CoreText, the Microsoft Visual Studio C++ Redistributable Package, and ICU.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-12T00:00:00", "id": "ITUNES_12_3_0.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86001", "published": "2015-09-18T00:00:00", "title": "Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86001);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/12 19:01:17\");\n\n script_cve_id(\n \"CVE-2010-3190\",\n \"CVE-2014-8146\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1157\",\n \"CVE-2015-1205\",\n \"CVE-2015-3686\",\n \"CVE-2015-3687\",\n \"CVE-2015-3688\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-5755\",\n \"CVE-2015-5761\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5874\",\n \"CVE-2015-5920\"\n );\n script_bugtraq_id(\n 42811,\n 72288,\n 74457,\n 74523,\n 74525,\n 75491,\n 76338,\n 76343,\n 76763,\n 76764,\n 76765,\n 76766\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-16-3\");\n script_xref(name:\"IAVB\", value:\"2011-B-0046\");\n\n script_name(english:\"Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.3. It is, therefore, affected by multiple vulnerabilities\nin the bundled versions of WebKit, CoreText, the Microsoft Visual\nStudio C++ Redistributable Package, and ICU.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205221\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb0bd3a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_id = 'iTunes Version';\ninstall = get_single_install(app_name:app_id, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfixed_version = \"12.3.0.44\";\nif (ver_compare(ver:version, fix:fixed_version) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:25:09", "bulletinFamily": "scanner", "description": "The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "modified": "2018-07-14T00:00:00", "id": "MACOSX_10_11.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86270", "published": "2015-10-05T00:00:00", "title": "Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86270);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2013-3951\",\n \"CVE-2014-2532\",\n \"CVE-2014-3618\",\n \"CVE-2014-6277\",\n \"CVE-2014-7186\",\n \"CVE-2014-7187\",\n \"CVE-2014-8080\",\n \"CVE-2014-8090\",\n \"CVE-2014-8146\",\n \"CVE-2014-8147\",\n \"CVE-2014-8611\",\n \"CVE-2014-9425\",\n \"CVE-2014-9427\",\n \"CVE-2014-9652\",\n \"CVE-2014-9705\",\n \"CVE-2014-9709\",\n \"CVE-2015-0231\",\n \"CVE-2015-0232\",\n \"CVE-2015-0235\",\n \"CVE-2015-0273\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-1351\",\n \"CVE-2015-1352\",\n \"CVE-2015-1855\",\n \"CVE-2015-2301\",\n \"CVE-2015-2305\",\n \"CVE-2015-2331\",\n \"CVE-2015-2348\",\n \"CVE-2015-2783\",\n \"CVE-2015-2787\",\n \"CVE-2015-3329\",\n \"CVE-2015-3330\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3785\",\n \"CVE-2015-3801\",\n \"CVE-2015-5522\",\n \"CVE-2015-5523\",\n \"CVE-2015-5764\",\n \"CVE-2015-5765\",\n \"CVE-2015-5767\",\n \"CVE-2015-5780\",\n \"CVE-2015-5788\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5820\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5824\",\n \"CVE-2015-5825\",\n \"CVE-2015-5826\",\n \"CVE-2015-5827\",\n \"CVE-2015-5828\",\n \"CVE-2015-5830\",\n \"CVE-2015-5831\",\n \"CVE-2015-5833\",\n \"CVE-2015-5836\",\n \"CVE-2015-5839\",\n \"CVE-2015-5840\",\n \"CVE-2015-5841\",\n \"CVE-2015-5842\",\n \"CVE-2015-5847\",\n \"CVE-2015-5849\",\n \"CVE-2015-5851\",\n \"CVE-2015-5853\",\n \"CVE-2015-5854\",\n \"CVE-2015-5855\",\n \"CVE-2015-5858\",\n \"CVE-2015-5860\",\n \"CVE-2015-5862\",\n \"CVE-2015-5863\",\n \"CVE-2015-5864\",\n \"CVE-2015-5865\",\n \"CVE-2015-5866\",\n \"CVE-2015-5867\",\n \"CVE-2015-5868\",\n \"CVE-2015-5869\",\n \"CVE-2015-5870\",\n \"CVE-2015-5871\",\n \"CVE-2015-5872\",\n \"CVE-2015-5873\",\n \"CVE-2015-5874\",\n \"CVE-2015-5875\",\n \"CVE-2015-5876\",\n \"CVE-2015-5877\",\n \"CVE-2015-5878\",\n \"CVE-2015-5879\",\n \"CVE-2015-5881\",\n \"CVE-2015-5882\",\n \"CVE-2015-5883\",\n \"CVE-2015-5884\",\n \"CVE-2015-5885\",\n \"CVE-2015-5887\",\n \"CVE-2015-5888\",\n \"CVE-2015-5889\",\n \"CVE-2015-5890\",\n \"CVE-2015-5891\",\n \"CVE-2015-5893\",\n \"CVE-2015-5894\",\n \"CVE-2015-5896\",\n \"CVE-2015-5897\",\n \"CVE-2015-5899\",\n \"CVE-2015-5900\",\n \"CVE-2015-5901\",\n \"CVE-2015-5902\",\n \"CVE-2015-5903\",\n \"CVE-2015-5912\",\n \"CVE-2015-5913\",\n \"CVE-2015-5914\",\n \"CVE-2015-5915\",\n \"CVE-2015-5917\",\n \"CVE-2015-5922\"\n );\n script_bugtraq_id(\n 60440,\n 66355,\n 69573,\n 70152,\n 70154,\n 70165,\n 70935,\n 71230,\n 71621,\n 71800,\n 71833,\n 71929,\n 71932,\n 72325,\n 72505,\n 72539,\n 72541,\n 72611,\n 72701,\n 73031,\n 73037,\n 73182,\n 73225,\n 73227,\n 73306,\n 73431,\n 73434,\n 74204,\n 74228,\n 74239,\n 74240,\n 74446,\n 74457,\n 75037,\n 76763,\n 76764,\n 76765,\n 76766\n );\n script_xref(name:\"CERT\", value:\"967332\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-30-3\");\n\n script_name(english:\"Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)\");\n script_summary(english:\"Checks the version of Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.6.8 or\nlater but prior to 10.11. It is, therefore, affected by multiple\nvulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205267\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76b3b492\");\n # https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7a6ddbd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\nif (\n version !~ \"^10\\.6\\.([89]|[1-9][0-9]+)\" &&\n version !~ \"^10\\.([7-9]|10)\\.\"\n) audit(AUDIT_OS_NOT, \"Mac OS X 10.6.8 or later\", \"Mac OS X \"+version);\n\nfixed_version = \"10.11\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected since it is running Mac OS X \"+version+\".\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:11:01", "bulletinFamily": "software", "description": "\r\n\r\nAPPLE-SA-2015-09-30-2 Safari 9\r\n\r\nSafari 9 is now available and addresses the following:\r\n\r\nSafari\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Multiple user interface inconsistencies may have\r\nallowed a malicious website to display an arbitrary URL. These issues\r\nwere addressed through improved URL display logic.\r\nCVE-ID\r\nCVE-2015-5764 : Antonio Sanso (@asanso) of Adobe\r\nCVE-2015-5765 : Ron Masas\r\nCVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa\r\n\r\nSafari Downloads\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: LaunchServices' quarantine history may reveal browsing\r\nhistory\r\nDescription: Access to LaunchServices' quarantine history may have\r\nrevealed browsing history based on file downloads. This issue was\r\naddressed through improved deletion of quarantine history.\r\n\r\nSafari Extensions\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Local communication between Safari extensions and companion\r\napps may be compromised\r\nDescription: The local communication between Safari extensions such\r\nas password managers and their native companion apps could be\r\ncomprised by another native app. This issue was addressed through a\r\nnew, authenticated communications channel between Safari extensions\r\nand companion apps.\r\n\r\nSafari Extensions\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Safari extensions may be replaced on disk\r\nDescription: A validated, user-installed Safari extension could be\r\nreplaced on disk without prompting the user. This issue was addressed\r\nby improved validation of extensions.\r\nCVE-ID\r\nCVE-2015-5780 : Ben Toms of macmule.com\r\n\r\nSafari Safe Browsing\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Navigating to the IP address of a known malicious website\r\nmay not trigger a security warning\r\nDescription: Safari's Safe Browsing feature did not warn users when\r\nvisiting known malicious websites by their IP addresses. The issue\r\nwas addressed through improved malicious site detection.\r\nRahul M (@rahulmfg) of TagsDock\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Partially loaded images may exfiltrate data across origins\r\nDescription: A race condition existed in validation of image\r\norigins. This issue was addressed by improved validation of resource\r\norigins.\r\nCVE-ID\r\nCVE-2015-5788 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5798 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5808 : Joe Vennix\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5815 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: An attacker may be able to create unintended cookies for a\r\nwebsite\r\nDescription: WebKit would accept multiple cookies to be set in the\r\ndocument.cookie API. This issue was addressed through improved\r\nparsing.\r\nCVE-ID\r\nCVE-2015-3801 : Erling Ellingsen of Facebook\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: The Performance API may allow a malicious website to leak\r\nbrowsing history, network activity, and mouse movements\r\nDescription: WebKit's Performance API could have allowed a malicious\r\nwebsite to leak browsing history, network activity, and mouse\r\nmovements by measuring time. This issue was addressed by limiting\r\ntime resolution.\r\nCVE-ID\r\nCVE-2015-5825 : Yossi Oren et al. of Columbia University's Network\r\nSecurity Lab\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Visiting a malicious website may lead to unintended dialing\r\nDescription: An issue existed in handling of tel://, facetime://,\r\nand facetime-audio:// URLs. This issue was addressed through improved\r\nURL handling.\r\nCVE-ID\r\nCVE-2015-5820 : Guillaume Ross, Andrei Neculaesei\r\n\r\nWebKit CSS\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: A malicious website may exfiltrate data cross-origin\r\nDescription: Safari allowed cross-origin stylesheets to be loaded\r\nwith non-CSS MIME types which could be used for cross-origin data\r\nexfiltration. This issue was addressed by limiting MIME types for\r\ncross-origin stylesheets.\r\nCVE-ID\r\nCVE-2015-5826 : filedescriptior, Chris Evans\r\n\r\nWebKit JavaScript Bindings\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Object references may be leaked between isolated origins on\r\ncustom events, message events and pop state events\r\nDescription: An object leak issue broke the isolation boundary\r\nbetween origins. This issue was addressed through improved isolation\r\nbetween origins.\r\nCVE-ID\r\nCVE-2015-5827 : Gildas\r\n\r\nWebKit Page Loading\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: WebSockets may bypass mixed content policy enforcement\r\nDescription: An insufficient policy enforcement issue allowed\r\nWebSockets to load mixed content. This issue was addressed by\r\nextending mixed content policy enforcement to WebSockets.\r\nKevin G Jones of Higher Logic\r\n\r\nWebKit Plug-ins\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Safari plugins may send an HTTP request without knowing the\r\nrequest was redirected\r\nDescription: The Safari plugins API did not communicate to plugins\r\nthat a server-side redirect had happened. This could lead to\r\nunauthorized requests. This issue was addressed through improved API\r\nsupport.\r\nCVE-ID\r\nCVE-2015-5828 : Lorenzo Fontana\r\n\r\nSafari 9 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "modified": "2015-10-05T00:00:00", "published": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32519", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32519", "title": "APPLE-SA-2015-09-30-2 Safari 9", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "description": "Multiple memory corruptions, DLL injections, multiple WebKit vulnerabilities, information disclosure.", "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14698", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14698", "title": "Apple iTunes multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "description": "Information spoofing, information disclosure, restriction bypass, race conditions, memory corruptions.", "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14700", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14700", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:01", "bulletinFamily": "software", "description": "\r\n\r\nAPPLE-SA-2015-09-16-3 iTunes 12.3\r\n\r\niTunes 12.3 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Applications that use CoreText may be vulnerable to\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of text files. These issues were addressed through\r\nimproved memory handling.\r\nCVE-ID\r\nCVE-2015-1157 : Apple\r\nCVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Applications that use ICU may be vulnerable to unexpected\r\napplication termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of unicode strings. These issues were addressed by\r\nupdating ICU to version 55.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2015-1205\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Opening a media file may lead to arbitrary code execution\r\nDescription: A security issue existed in Microsoft Foundation\r\nClass's handling of library loading. This issue was addressed by\r\nupdating to the latest version of the Microsoft Visual C++\r\nRedistributable Package.\r\nCVE-ID\r\nCVE-2010-3190 : Stefan Kanthak\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may result in unexpected application termination or\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1152 : Apple\r\nCVE-2015-1153 : Apple\r\nCVE-2015-3730 : Apple\r\nCVE-2015-3731 : Apple\r\nCVE-2015-3733 : Apple\r\nCVE-2015-3734 : Apple\r\nCVE-2015-3735 : Apple\r\nCVE-2015-3736 : Apple\r\nCVE-2015-3737 : Apple\r\nCVE-2015-3738 : Apple\r\nCVE-2015-3739 : Apple\r\nCVE-2015-3740 : Apple\r\nCVE-2015-3741 : Apple\r\nCVE-2015-3742 : Apple\r\nCVE-2015-3743 : Apple\r\nCVE-2015-3744 : Apple\r\nCVE-2015-3745 : Apple\r\nCVE-2015-3746 : Apple\r\nCVE-2015-3747 : Apple\r\nCVE-2015-3748 : Apple\r\nCVE-2015-3749 : Apple\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5798 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5808 : Joe Vennix\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5815 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nSoftware Update\r\nImpact: An attacker in a privileged network position may be able to\r\nobtain encrypted SMB credentials\r\nDescription: A redirection issue existed in the handling of certain\r\nnetwork connections. This issue was addressed through improved\r\nresource validation.\r\nCVE-ID\r\nCVE-2015-5920 : Cylance\r\n\r\n\r\niTunes 12.3 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nYou may also update to the latest version of iTunes via Apple\r\nSoftware Update, which can be found in the Start menu.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "modified": "2015-10-05T00:00:00", "published": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32517", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32517", "title": "APPLE-SA-2015-09-16-3 iTunes 12.3", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:01", "bulletinFamily": "software", "description": "\r\n\r\nAPPLE-SA-2015-09-16-1 iOS 9\r\n\r\niOS 9 is now available and addresses the following:\r\n\r\nApple Pay\r\nAvailable for: iPhone 6, iPad mini 3, and iPad Air 2\r\nImpact: Some cards may allow a terminal to retrieve limited recent\r\ntransaction information when making a payment\r\nDescription: The transaction log functionality was enabled in\r\ncertain configurations. This issue was addressed by removing the\r\ntransaction log functionality.\r\nCVE-ID\r\nCVE-2015-5916\r\n\r\nAppleKeyStore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to reset failed passcode\r\nattempts with an iOS backup\r\nDescription: An issue existed in resetting failed passcode attempts\r\nwith a backup of the iOS device. This was addressed through improved\r\npasscode failure logic.\r\nCVE-ID\r\nCVE-2015-5850 : an anonymous researcher\r\n\r\nApplication Store\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Clicking a malicious ITMS link may lead to a denial of\r\nservice in an enterprise-signed application\r\nDescription: An issue existed with installation through ITMS links.\r\nThis was addressed through additional installation verification.\r\nCVE-ID\r\nCVE-2015-5856 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\r\nFireEye, Inc.\r\n\r\nAudio\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Playing a malicious audio file may lead to an unexpected\r\napplication termination\r\nDescription: A memory corruption issue existed in the handling of\r\naudio files. This issue issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\r\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT204132.\r\n\r\nCFNetwork\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device may read\r\ncache data from Apple apps\r\nDescription: Cache data was encrypted with a key protected only by\r\nthe hardware UID. This issue was addressed by encrypting the cache\r\ndata with a key protected by the hardware UID and the user's\r\npasscode.\r\nCVE-ID\r\nCVE-2015-5898 : Andreas Kurtz of NESO Security Labs\r\n\r\nCFNetwork Cookies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position can track a\r\nuser's activity\r\nDescription: A cross-domain cookie issue existed in the handling of\r\ntop level domains. The issue was address through improved\r\nrestrictions of cookie creation.\r\nCVE-ID\r\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork Cookies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to create unintended cookies for a\r\nwebsite\r\nDescription: WebKit would accept multiple cookies to be set in the\r\ndocument.cookie API. This issue was addressed through improved\r\nparsing.\r\nCVE-ID\r\nCVE-2015-3801 : Erling Ellingsen of Facebook\r\n\r\nCFNetwork FTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Malicious FTP servers may be able to cause the client to\r\nperform reconnaissance on other hosts\r\nDescription: An issue existed in FTP packet handling if clients were\r\nusing an FTP proxy.\r\nCVE-ID\r\nCVE-2015-5912 : Amit Klein\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A maliciously crafted URL may be able to bypass HTTP Strict\r\nTransport Security (HSTS) and leak sensitive data\r\nDescription: A URL parsing vulnerability existed in HSTS handling.\r\nThis issue was addressed through improved URL parsing.\r\nCVE-ID\r\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may be able to track users in Safari\r\nprivate browsing mode\r\nDescription: An issue existed in the handling of HSTS state in\r\nSafari private browsing mode. This issue was addressed through\r\nimproved state handling.\r\nCVE-ID\r\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\r\n\r\nCFNetwork Proxies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Connecting to a malicious web proxy may set malicious\r\ncookies for a website\r\nDescription: An issue existed in the handling of proxy connect\r\nresponses. This issue was addressed by removing the set-cookie header\r\nwhile parsing the connect response.\r\nCVE-ID\r\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork SSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may intercept\r\nSSL/TLS connections\r\nDescription: A certificate validation issue existed in NSURL when a\r\ncertificate changed. This issue was addressed through improved\r\ncertificate validation.\r\nCVE-ID\r\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\r\n\r\nCFNetwork SSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of RC4.\r\nAn attacker could force the use of RC4, even if the server preferred\r\nbetter ciphers, by blocking TLS 1.0 and higher connections until\r\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\r\naddressed by removing the fallback to SSL 3.0.\r\n\r\nCoreAnimation\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to leak sensitive user\r\ninformation\r\nDescription: Applications could access the screen framebuffer while\r\nthey were in the background. This issue was addressed with improved\r\naccess control on IOSurfaces.\r\nCVE-ID\r\nCVE-2015-5880 : Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin\r\nGao, Yingjiu Li of School of Information Systems Singapore Management\r\nUniversity, Feng Bao and Jianying Zhou of Cryptography and Security\r\nDepartment Institute for Infocomm Research\r\n\r\nCoreCrypto\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to determine a private key\r\nDescription: By observing many signing or decryption attempts, an\r\nattacker may have been able to determine the RSA private key. This\r\nissue was addressed using improved encryption algorithms.\r\n\r\nCoreText\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nData Detectors Engine\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted text file may lead to\r\narbitrary code execution\r\nDescription: Memory corruption issues existed in the processing of\r\ntext files. These issues were addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)\r\n\r\nDev Tools\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in dyld. This was\r\naddressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5876 : beist of grayhash\r\n\r\ndyld\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team\r\n\r\nDisk Images\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in DiskImages. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\r\n\r\nGame Center\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious Game Center application may be able to access a\r\nplayer's email address\r\nDescription: An issue existed in Game Center in the handling of a\r\nplayer's email. This issue was addressed through improved access\r\nrestrictions.\r\nCVE-ID\r\nCVE-2015-5855 : Nasser Alnasser\r\n\r\nICU\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in ICU\r\nDescription: Multiple vulnerabilities existed in ICU versions prior\r\nto 53.1.0. These issues were addressed by updating ICU to version\r\n55.1.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2015-1205\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed that led to the disclosure of kernel\r\nmemory content. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOAcceleratorFamily. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5848 : Filippo Bigarella\r\n\r\nIOHIDFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5867 : moony li of Trend Micro\r\n\r\nIOKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5844 : Filippo Bigarella\r\nCVE-2015-5845 : Filippo Bigarella\r\nCVE-2015-5846 : Filippo Bigarella\r\n\r\nIOMobileFrameBuffer\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOMobileFrameBuffer. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5843 : Filippo Bigarella\r\n\r\nIOStorageFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to read kernel memory\r\nDescription: A memory initialization issue existed in the kernel.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5863 : Ilja van Sprundel of IOActive\r\n\r\niTunes Store\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: AppleID credentials may persist in the keychain after sign\r\nout\r\nDescription: An issue existed in keychain deletion. This issue was\r\naddressed through improved account cleanup.\r\nCVE-ID\r\nCVE-2015-5832 : Kasif Dekel from Check Point Software Technologies\r\n\r\nJavaScriptCore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Memory corruption issues existed in WebKit. These\r\nissues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\r\nCVE-2015-5896 : Maxime Villard of m00nbsd\r\nCVE-2015-5903 : CESG\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may control the value of stack cookies\r\nDescription: Multiple weaknesses existed in the generation of user\r\nspace stack cookies. This was addressed through improved generation\r\nof stack cookies.\r\nCVE-ID\r\nCVE-2013-3951 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local process can modify other processes without\r\nentitlement checks\r\nDescription: An issue existed where root processes using the\r\nprocessor_set_tasks API were allowed to retrieve the task ports of\r\nother processes. This issue was addressed through added entitlement\r\nchecks.\r\nCVE-ID\r\nCVE-2015-5882 : Pedro Vilaca, working from original research by Ming-\r\nchieh Pan and Sung-ting Tsai; Jonathan Levin\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to launch denial of service attacks\r\non targeted TCP connections without knowing the correct sequence\r\nnumber\r\nDescription: An issue existed in xnu's validation of TCP packet\r\nheaders. This issues was addressed through improved TCP packet header\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5879 : Jonathan Looney\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a local LAN segment may disable IPv6 routing\r\nDescription: An insufficient validation issue existed in handling of\r\nIPv6 router advertisements that allowed an attacker to set the hop\r\nlimit to an arbitrary value. This issue was addressed by enforcing a\r\nminimum hop limit.\r\nCVE-ID\r\nCVE-2015-5869 : Dennis Spindel Ljungmark\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in XNU that led to the disclosure of\r\nkernel memory. This was addressed through improved initialization of\r\nkernel memory structures.\r\nCVE-ID\r\nCVE-2015-5842 : beist of grayhash\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: An issue existed in HFS drive mounting. This was\r\naddressed by additional validation checks.\r\nCVE-ID\r\nCVE-2015-5748 : Maxime Villard of m00nbsd\r\n\r\nlibc\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\r\nCorporation\r\n\r\nlibpthread\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\r\n\r\nMail\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker can send an email that appears to come from a\r\ncontact in the recipient's address book\r\nDescription: An issue existed in the handling of the sender's\r\naddress. This issue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-5857 : Emre Saglam of salesforce.com\r\n\r\nMultipeer Connectivity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to observe unprotected\r\nmultipeer data\r\nDescription: An issue existed in convenience initializer handling in\r\nwhich encryption could be actively downgraded to a non-encrypted\r\nsession. This issue was addressed by changing the convenience\r\ninitializer to require encryption.\r\nCVE-ID\r\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\r\n\r\nNetworkExtension\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An uninitialized memory issue in the kernel led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nmemory initialization.\r\nCVE-ID\r\nCVE-2015-5831 : Maxime Villard of m00nbsd\r\n\r\nOpenSSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL versions\r\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\r\n0.9.8zg.\r\nCVE-ID\r\nCVE-2015-0286\r\nCVE-2015-0287\r\n\r\nPluginKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious enterprise application can install extensions\r\nbefore the application has been trusted\r\nDescription: An issue existed in the validation of extensions during\r\ninstallation. This was addressed through improved app verification.\r\nCVE-ID\r\nCVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\r\nFireEye, Inc.\r\n\r\nremovefile\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing malicious data may lead to unexpected application\r\ntermination\r\nDescription: An overflow fault existed in the checkint division\r\nroutines. This issue was addressed with improved division routines.\r\nCVE-ID\r\nCVE-2015-5840 : an anonymous researcher\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to read Safari bookmarks on a\r\nlocked iOS device without a passcode\r\nDescription: Safari bookmark data was encrypted with a key protected\r\nonly by the hardware UID. This issue was addressed by encrypting the\r\nSafari bookmark data with a key protected by the hardware UID and the\r\nuser's passcode.\r\nCVE-ID\r\nCVE-2015-5903 : Jonathan Zdziarski\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: An issue may have allowed a website to display content\r\nwith a URL from a different website. This issue was addressed through\r\nimproved URL handling.\r\nCVE-ID\r\nCVE-2015-5904 : Erling Ellingsen of Facebook, Lukasz Pilorz\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Navigating to a malicious website with a malformed\r\nwindow opener may have allowed the display of arbitrary URLs. This\r\nissue was addressed through improved handling of window openers.\r\nCVE-ID\r\nCVE-2015-5905 : Keita Haga of keitahaga.com\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Users may be tracked by malicious websites using client\r\ncertificates\r\nDescription: An issue existed in Safari's client certificate\r\nmatching for SSL authentication. This issue was addressed through\r\nimproved matching of valid client certificates.\r\nCVE-ID\r\nCVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut\r\nof Whatever s.a.\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Multiple user interface inconsistencies may have\r\nallowed a malicious website to display an arbitrary URL. These issues\r\nwere addressed through improved URL display logic.\r\nCVE-ID\r\nCVE-2015-5764 : Antonio Sanso (@asanso) of Adobe\r\nCVE-2015-5765 : Ron Masas\r\nCVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa\r\n\r\nSafari Safe Browsing\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Navigating to the IP address of a known malicious website\r\nmay not trigger a security warning\r\nDescription: Safari's Safe Browsing feature did not warn users when\r\nvisiting known malicious websites by their IP addresses. The issue\r\nwas addressed through improved malicious site detection.\r\nRahul M of TagsDoc\r\n\r\nSecurity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious app may be able to intercept communication\r\nbetween apps\r\nDescription: An issue existed that allowed a malicious app to\r\nintercept URL scheme communication between apps. This was mitigated\r\nby displaying a dialog when a URL scheme is used for the first time.\r\nCVE-ID\r\nCVE-2015-5835 : Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng\r\nWang of Indiana University, Luyi Xing of Indiana University, Tongxin\r\nLi of Peking University, Tongxin Li of Peking University, Xiaolong\r\nBai of Tsinghua University\r\n\r\nSiri\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device may be able\r\nto use Siri to read notifications of content that is set not to be\r\ndisplayed at the lock screen\r\nDescription: When a request was made to Siri, client side\r\nrestrictions were not being checked by the server. This issue was\r\naddressed through improved restriction checking.\r\nCVE-ID\r\nCVE-2015-5892 : Robert S Mozayeni, Joshua Donvito\r\n\r\nSpringBoard\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device can reply to\r\nan audio message from the lock screen when message previews from the\r\nlock screen are disabled\r\nDescription: A lock screen issue allowed users to reply to audio\r\nmessages when message previews were disabled. This issue was\r\naddressed through improved state management.\r\nCVE-ID\r\nCVE-2015-5861 : Daniel Miedema of Meridian Apps\r\n\r\nSpringBoard\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to spoof another\r\napplication's dialog windows\r\nDescription: An access issue existed with privileged API calls. This\r\nissue was addressed through additional restrictions.\r\nCVE-ID\r\nCVE-2015-5838 : Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S.\r\nLui\r\n\r\nSQLite\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in SQLite v3.8.5\r\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5.\r\nThese issues were addressed by updating SQLite to version 3.8.10.2.\r\nCVE-ID\r\nCVE-2015-5895\r\n\r\ntidy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in Tidy. This issues\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\r\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Object references may be leaked between isolated origins on\r\ncustom events, message events and pop state events\r\nDescription: An object leak issue broke the isolation boundary\r\nbetween origins. This issue was addressed through improved isolation\r\nbetween origins.\r\nCVE-ID\r\nCVE-2015-5827 : Gildas\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Memory corruption issues existed in WebKit. These\r\nissues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to unintended dialing\r\nDescription: An issue existed in handling of tel://, facetime://,\r\nand facetime-audio:// URLs. This issue was addressed through improved\r\nURL handling.\r\nCVE-ID\r\nCVE-2015-5820 : Andrei Neculaesei, Guillaume Ross\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: QuickType may learn the last character of a password in a\r\nfilled-in web form\r\nDescription: An issue existed in WebKit's handling of password input\r\ncontext. This issue was addressed through improved input context\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5906 : Louis Romero of Google Inc.\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nredirect to a malicious domain\r\nDescription: An issue existed in the handling of resource caches on\r\nsites with invalid certificates. The issue was addressed by rejecting\r\nthe application cache of domains with invalid certificates.\r\nCVE-ID\r\nCVE-2015-5907 : Yaoqi Jia of National University of Singapore (NUS)\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may exfiltrate data cross-origin\r\nDescription: Safari allowed cross-origin stylesheets to be loaded\r\nwith non-CSS MIME types which could be used for cross-origin data\r\nexfiltration. This issue was addressed by limiting MIME types for\r\ncross-origin stylesheets.\r\nCVE-ID\r\nCVE-2015-5826 : filedescriptor, Chris Evans\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: The Performance API may allow a malicious website to leak\r\nbrowsing history, network activity, and mouse movements\r\nDescription: WebKit's Performance API could have allowed a malicious\r\nwebsite to leak browsing history, network activity, and mouse\r\nmovements by measuring time. This issue was addressed by limiting\r\ntime resolution.\r\nCVE-ID\r\nCVE-2015-5825 : Yossi Oren et al. of Columbia University's Network\r\nSecurity Lab\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nleak sensitive user information\r\nDescription: An issue existed with Content-Disposition headers\r\ncontaining type attachment. This issue was addressed by disallowing\r\nsome functionality for type attachment pages.\r\nCVE-ID\r\nCVE-2015-5921 : Mickey Shkatov of the Intel(r) Advanced Threat\r\nResearch Team, Daoyuan Wu of Singapore Management University, Rocky\r\nK. C. Chang of Hong Kong Polytechnic University, Lukasz Pilorz,\r\nsuperhei of www.knownsec.com\r\n\r\nWebKit Canvas\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may disclose image data from\r\nanother website\r\nDescription: A cross-origin issue existed with "canvas" element\r\nimages in WebKit. This was addressed through improved tracking of\r\nsecurity origins.\r\nCVE-ID\r\nCVE-2015-5788 : Apple\r\n\r\nWebKit Page Loading\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: WebSockets may bypass mixed content policy enforcement\r\nDescription: An insufficient policy enforcement issue allowed\r\nWebSockets to load mixed content. This issue was addressed by\r\nextending mixed content policy enforcement to WebSockets.\r\nKevin G Jones of Higher Logic\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "9".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "modified": "2015-10-05T00:00:00", "published": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32514", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32514", "title": "APPLE-SA-2015-09-16-1 iOS 9", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "description": "Screen unlock, information disclosure, restrictions bypass, multiple memory corruptions, weak encryption, multiple vulnerabilities in different libraries.", "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14696", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14696", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2019-02-19T17:02:18", "bulletinFamily": "info", "description": "### *Detect date*:\n09/16/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information.\n\n### *Affected products*:\nApple iTunes versions earlier than 12.3\n\n### *Solution*:\nUpdate to the latest version \n[Get iTunes](<http://www.apple.com/itunes/download/>)\n\n### *Original advisories*:\n[Apple advisory](<https://support.apple.com/en-us/HT205221>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2015-1152](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1152>) \n[CVE-2015-1153](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153>) \n[CVE-2015-3741](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741>) \n[CVE-2015-3746](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3746>) \n[CVE-2015-3743](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743>) \n[CVE-2015-5755](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5755>) \n[CVE-2015-3688](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3688>) \n[CVE-2015-1205](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1205>) \n[CVE-2015-3747](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747>) \n[CVE-2015-3744](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3744>) \n[CVE-2015-5806](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5806>) \n[CVE-2015-3734](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3734>) \n[CVE-2015-3748](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748>) \n[CVE-2015-3742](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3742>) \n[CVE-2015-3738](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3738>) \n[CVE-2015-3740](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3740>) \n[CVE-2015-3733](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3733>) \n[CVE-2015-5822](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822>) \n[CVE-2015-5803](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5803>) \n[CVE-2015-5823](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5823>) \n[CVE-2015-5804](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5804>) \n[CVE-2015-5797](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5797>) \n[CVE-2015-5796](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5796>) \n[CVE-2015-1157](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1157>) \n[CVE-2015-3745](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745>) \n[CVE-2015-5790](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5790>) \n[CVE-2015-5810](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5810>) \n[CVE-2015-5811](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5811>) \n[CVE-2015-5795](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5795>) \n[CVE-2015-5794](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794>) \n[CVE-2015-5793](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5793>) \n[CVE-2015-5792](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5792>) \n[CVE-2015-5920](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5920>) \n[CVE-2015-5805](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5805>) \n[CVE-2015-3730](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3730>) \n[CVE-2015-5761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5761>) \n[CVE-2015-5813](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5813>) \n[CVE-2015-5812](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5812>) \n[CVE-2015-5791](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5791>) \n[CVE-2015-5789](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5789>) \n[CVE-2015-5814](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5814>) \n[CVE-2015-5819](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5819>) \n[CVE-2015-5799](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5799>) \n[CVE-2015-3686](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3686>) \n[CVE-2015-3687](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3687>) \n[CVE-2015-5815](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5815>) \n[CVE-2015-5807](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5807>) \n[CVE-2015-5817](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5817>) \n[CVE-2015-5816](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5816>) \n[CVE-2015-3735](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3735>) \n[CVE-2015-3736](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3736>) \n[CVE-2015-5801](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801>) \n[CVE-2015-5802](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5802>) \n[CVE-2015-5798](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5798>) \n[CVE-2015-5808](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5808>) \n[CVE-2015-5818](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5818>) \n[CVE-2015-3749](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749>) \n[CVE-2015-3737](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3737>) \n[CVE-2015-3731](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731>) \n[CVE-2015-3739](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3739>) \n[CVE-2014-8146](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146>) \n[CVE-2010-3190](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3190>) \n[CVE-2015-5800](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5800>) \n[CVE-2015-5821](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5821>) \n[CVE-2015-5874](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5874>) \n[CVE-2015-5809](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809>)", "modified": "2019-02-15T00:00:00", "published": "2015-09-16T00:00:00", "id": "KLA10669", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10669", "title": "\r KLA10669Multiple vulnerabilities in Apple iTunes ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
