Lucene search
AppleCVELIST:CVE-2015-1117HistoryApr 10, 2015 - 2:00 p.m.
CVE-2015-1117
2015-04-1014:00:00
apple
www.cve.org
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.
References
lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
lists.apple.com/archives/security-announce/2015/Apr/msg00002.html
lists.apple.com/archives/security-announce/2015/Apr/msg00003.html
www.securitytracker.com/id/1032048
support.apple.com/HT204659
support.apple.com/HT204661
support.apple.com/HT204662
support.apple.com/kb/HT204870
Related
prion
prion
Code injection
2015-04-10 14:59:00
cve
cve
CVE-2015-1117
2015-04-10 14:59:31
nvd
nvd
CVE-2015-1117
2015-04-10 14:59:31
securityvulns
securityvulns
APPLE-SA-2015-05-19-1 Watch OS 1.0.1
2015-05-25 00:00:00
Apple Watch multiple security vulnerabilities
2015-05-25 00:00:00
APPLE-SA-2015-04-08-4 Apple TV 7.2
2015-04-09 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 (Apr 2015)
2015-04-24 00:00:00
nessus
nessus
Apple TV < 7.2 Multiple Vulnerabilities
2015-04-10 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)
2015-04-10 00:00:00
Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)
2015-04-10 00:00:00