Details of VAR-201504-0100

ID

VAR-201504-0100

CVE

CVE-2015-1149

TITLE

Apple Xcode of Swift Integer overflow vulnerability in the simulator

Trust: 0.8

sources: JVNDB: JVNDB-2015-002156

DESCRIPTION

Integer overflow in the simulator in Swift in Apple Xcode before 6.3 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion. Apple Xcode is prone to a remote integer-overflow vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in Xcode 6.3. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. Swift is a programming language used to develop Mac OS X and iOS applications. An attacker could exploit this vulnerability to cause a denial of service. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-04-08-5 Xcode 6.3 Xcode 6.3 is now available and addresses the following: Clang Available for: OS X Mavericks v10.9.4 or later Impact: An attacker may be able to bypass stack guards Description: A register allocation issue existed in clang which sometimes led to stack cookie pointers being stored on the stack itself. This issue was addressed with improved register allocation. Swift Available for: OS X Mavericks v10.9.4 or later Impact: Swift programs performing certain type conversions may receive unexpected values Description: A integer overflow issue existed in the simulator that could lead to conversions returning unexpected values. CVE-ID CVE-2015-1149 Xcode 6.3 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "6.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJVJHMkAAoJEBcWfLTuOo7tXiwQAItddyjaYou2YXMjRu3dc1FR W69zMBR1GHQHqwIG+Cy++dU9+cQMxRgJuMj5GJrcKBdUy36cOXvUEdLGvuikgrmc jcxMDYVvDpvvjdY7N/PWq63w4zPllM+mJ8/n2vtOyHsSTesYu0JwhFGPkSqkN9jQ JcJIU4Mk3IuftR3GW7ryUoWPjeL4ZLqRdYpgglSgYOXhpDYJd97Z2p28FPCQ6K6p ww0uPFXc4RqM1S4EwZWofXfiuUmAR6gCz7sNjXlPsvWFhL4RF+ppnKsW34qA+zrU rsbm/QcIimdzYUsOhsM993uN/l/EWmjuExZ7tJDjWD5PLJtztM2fAEBSs0+g/JSh CFDDMOKUV6/jd0l/V1Y5/OaeR+D3/rx/nMXkwBzq5itYxfFBtzi3SfQ6VFHtfdxR AoKwuijG4y6Ll3joeQ73Ub/UX8suLkKH+WFa1WqDEom6dbmkEuASamwJ45MLHMBV x6vo2pL0mo/9/rCCEz5+qRncauRIVrOt+YwJSpILGqBYRi/61iwW3nIL1pg8jcdj ovWYUzLq4tMhLGlg3VegE5AqaiAmruULqYozZ5CtkydJCdnxiSPjpIJYLYOctGF8 cVB9XvB2Z1UYV4GqG7oZxUJiEVOfveZZqmUH/b5tcPQBIKf6E/PAaNRZ3IJ1Tyle 1uiCuBgp/UXGDrxpxIDu =rNdR -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2015-1149 // JVNDB: JVNDB-2015-002156 // BID: 73988 // VULHUB: VHN-79110 // PACKETSTORM: 131362

AFFECTED PRODUCTS

vendor:	apple	model:	xcode	scope:	lte	version:	6.2	Trust: 1.0
vendor:	apple	model:	xcode	scope:	eq	version:	6.2	Trust: 0.9
vendor:	apple	model:	xcode	scope:	lt	version:	6.3 (os x mavericks v10.9.4 or later )	Trust: 0.8
vendor:	apple	model:	xcode	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	2.4.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.4	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.2.5	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.2.4	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.2.3	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.1.4	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.1.3	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	2.3	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.1	Trust: 0.3
vendor:	apple	model:	xcode	scope:	ne	version:	6.3	Trust: 0.3

sources: BID: 73988 // JVNDB: JVNDB-2015-002156 // CNNVD: CNNVD-201504-173 // NVD: CVE-2015-1149

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-1149
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-1149
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201504-173
value:	HIGH
Trust: 0.6
VULHUB:	VHN-79110
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-1149
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-79110
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-79110 // JVNDB: JVNDB-2015-002156 // CNNVD: CNNVD-201504-173 // NVD: CVE-2015-1149

PROBLEMTYPE DATA

problemtype:

CWE-189

Trust: 1.9

sources: VULHUB: VHN-79110 // JVNDB: JVNDB-2015-002156 // NVD: CVE-2015-1149

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201504-173

TYPE

digital error

Trust: 0.6

sources: CNNVD: CNNVD-201504-173

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-002156

PATCH

title:	APPLE-SA-2015-04-08-5 Xcode 6.3	url:	http://lists.apple.com/archives/security-announce/2015/Apr/msg00004.html	Trust: 0.8
title:	HT204663	url:	http://support.apple.com/en-us/HT204663	Trust: 0.8
title:	HT204663	url:	http://support.apple.com/ja-jp/HT204663	Trust: 0.8

sources: JVNDB: JVNDB-2015-002156

EXTERNAL IDS

db:	NVD	id:	CVE-2015-1149	Trust: 2.9
db:	SECTRACK	id:	1032049	Trust: 1.1
db:	JVN	id:	JVNVU91828320	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-002156	Trust: 0.8
db:	CNNVD	id:	CNNVD-201504-173	Trust: 0.7
db:	BID	id:	73988	Trust: 0.4
db:	PACKETSTORM	id:	131362	Trust: 0.2
db:	VULHUB	id:	VHN-79110	Trust: 0.1

sources: VULHUB: VHN-79110 // BID: 73988 // JVNDB: JVNDB-2015-002156 // PACKETSTORM: 131362 // CNNVD: CNNVD-201504-173 // NVD: CVE-2015-1149

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/apr/msg00004.html	Trust: 1.7
url:	https://support.apple.com/ht204663	Trust: 1.7
url:	http://www.securitytracker.com/id/1032049	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1149	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu91828320/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1149	Trust: 0.8
url:	https://developer.apple.com/xcode/	Trust: 0.3
url:	https://support.apple.com/en-us/ht204663	Trust: 0.3
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://gpgtools.org	Trust: 0.1
url:	https://developer.apple.com/xcode/downloads/	Trust: 0.1
url:	https://support.apple.com/kb/ht1222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1149	Trust: 0.1

sources: VULHUB: VHN-79110 // BID: 73988 // JVNDB: JVNDB-2015-002156 // PACKETSTORM: 131362 // CNNVD: CNNVD-201504-173 // NVD: CVE-2015-1149

CREDITS

Apple

Trust: 0.4

sources: BID: 73988 // PACKETSTORM: 131362

SOURCES

db:	VULHUB	id:	VHN-79110
db:	BID	id:	73988
db:	JVNDB	id:	JVNDB-2015-002156
db:	PACKETSTORM	id:	131362
db:	CNNVD	id:	CNNVD-201504-173
db:	NVD	id:	CVE-2015-1149

LAST UPDATE DATE

2024-08-14T12:19:18.572000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-79110	date:	2015-09-11T00:00:00
db:	BID	id:	73988	date:	2015-04-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-002156	date:	2015-04-13T00:00:00
db:	CNNVD	id:	CNNVD-201504-173	date:	2015-04-13T00:00:00
db:	NVD	id:	CVE-2015-1149	date:	2015-09-11T17:58:43.063

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-79110	date:	2015-04-10T00:00:00
db:	BID	id:	73988	date:	2015-04-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-002156	date:	2015-04-13T00:00:00
db:	PACKETSTORM	id:	131362	date:	2015-04-09T16:42:53
db:	CNNVD	id:	CNNVD-201504-173	date:	2015-04-13T00:00:00
db:	NVD	id:	CVE-2015-1149	date:	2015-04-10T14:59:59.100