Lucene search

[email protected]CVE-2015-5863

HistorySep 18, 2015 - 12:00 p.m.

CVE-2015-5863

2015-09-1812:00:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2015-5863

apple

ios

kernel memory

information security

nvd

4.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors.

CPENameOperatorVersion
apple:iphone_osapple iphone osle8.4.1
apple:mac_os_xapple mac os xle10.10.5
apple:watchosapple watchoseq1.0

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	le	8.4.1
apple:mac_os_x	apple mac os x	le	10.10.5
apple:watchos	apple watchos	eq	1.0

References

lists.apple.com/archives/security-announce/2015/Sep/msg00001.html

lists.apple.com/archives/security-announce/2015/Sep/msg00005.html

lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

www.securityfocus.com/bid/76764

www.securitytracker.com/id/1033609

support.apple.com/HT205212

support.apple.com/HT205213

support.apple.com/HT205267

4.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2015-5863

prion1 securityvulns6 nessus1