Lucene search

PRIOn knowledge basePRION:CVE-2015-1086

HistoryApr 10, 2015 - 2:59 p.m.

Code injection

2015-04-1014:59:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.7%

JSON

The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

CPENameOperatorVersion
iphone_osle8.2
tvosle7.1

CPE	Name	Operator	Version
	iphone_os	le	8.2
	tvos	le	7.1

References

lists.apple.com/archives/security-announce/2015/Apr/msg00002.html

lists.apple.com/archives/security-announce/2015/Apr/msg00003.html

www.securitytracker.com/id/1032050

support.apple.com/HT204661

support.apple.com/HT204662

7.1 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.7%

JSON

Related for PRION:CVE-2015-1086