6.4 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
77.3%
NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
lists.apple.com/archives/security-announce/2015/Apr/msg00002.html
lists.apple.com/archives/security-announce/2015/Apr/msg00003.html
www.securityfocus.com/bid/73983
www.securitytracker.com/id/1032050
support.apple.com/HT204661
support.apple.com/HT204662
support.apple.com/kb/HT204870