ID

VAR-201509-0038

CVE

CVE-2015-5895

TITLE

Apple iOS Used in SQLite Vulnerability in

DESCRIPTION

Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors. Attackers can exploit these issues to bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial-of-service condition, perform unauthorized actions and gain system privileges; this may aid in launching further attacks. Versions prior to iOS 9 are vulnerable. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. SQLite is an open source embedded relational database management system based on C language developed by American software developer D.Richard Hipp. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-09-21-1 watchOS 2 watchOS 2 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: The transaction log functionality was enabled in certain configurations. This issue was addressed by removing the transaction log functionality. CVE-ID CVE-2015-5916 Audio Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling. CVE-ID CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea Certificate Trust Policy Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT204873. CFNetwork Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation. CVE-ID CVE-2015-5824 : Timothy J. Wood of The Omni Group CFNetwork Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Connecting to a malicious web proxy may set malicious cookies for a website Description: An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response. CVE-ID CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University CFNetwork Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An attacker in a privileged network position can track a user's activity Description: A cross-domain cookie issue existed in the handling of top level domains. The issue was address through improved restrictions of cookie creation CVE-ID CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University CFNetwork Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Malicious FTP servers may be able to cause the client to perform reconnaissance on other hosts Description: An issue existed in FTP clients while checking when proxy was in use. This issue was resolved through improved validation. CVE-ID CVE-2015-5912 : Amit Klein CFNetwork Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A person with physical access to an iOS device may read cache data from Apple apps Description: Cache data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the cache data with a key protected by the hardware UID and the user's passcode. CVE-ID CVE-2015-5898 : Andreas Kurtz of NESO Security Labs CoreCrypto Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An attacker may be able to determine a private key Description: By observing many signing or decryption attempts, an attacker may have been able to determine the RSA private key. This issue was addressed using improved encryption algorithms. CoreText Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team Data Detectors Engine Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: Memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org) Dev Tools Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in dyld. This was addressed through improved memory handling. CVE-ID CVE-2015-5876 : beist of grayhash dyld Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team Disk Images Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5847 : Filippo Bigarella, Luca Todesco GasGauge Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5918 : Apple CVE-2015-5919 : Apple ICU Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Multiple vulnerabilities in ICU Description: Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1. CVE-ID CVE-2014-8146 CVE-2015-1205 IOAcceleratorFamily Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team IOAcceleratorFamily Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5848 : Filippo Bigarella IOKit Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5844 : Filippo Bigarella CVE-2015-5845 : Filippo Bigarella CVE-2015-5846 : Filippo Bigarella IOMobileFrameBuffer Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOMobileFrameBuffer. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5843 : Filippo Bigarella IOStorageFamily Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local attacker may be able to read kernel memory Description: A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5863 : Ilja van Sprundel of IOActive Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team CVE-2015-5896 : Maxime Villard of m00nbsd CVE-2015-5903 : CESG Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local attacker may control the value of stack cookies Description: Multiple weaknesses existed in the generation of user space stack cookies. This was addressed through improved generation of stack cookies. CVE-ID CVE-2013-3951 : Stefan Esser Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local process can modify other processes without entitlement checks Description: An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through added entitlement checks. CVE-ID CVE-2015-5882 : Pedro Vilaca, working from original research by Ming- chieh Pan and Sung-ting Tsai; Jonathan Levin Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: An attacker in a local LAN segment may disable IPv6 routing Description: An insufficient validation issue existed in handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit. CVE-ID CVE-2015-5869 : Dennis Spindel Ljungmark Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to determine kernel memory layout Description: An issue existed in XNU that led to the disclosure of kernel memory. This was addressed through improved initialization of kernel memory structures. CVE-ID CVE-2015-5842 : beist of grayhash Kernel Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to cause a system denial of service Description: An issue existed in HFS drive mounting. This was addressed by additional validation checks. CVE-ID CVE-2015-5748 : Maxime Villard of m00nbsd libpthread Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team PluginKit Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: A malicious enterprise application can install extensions before the application has been trusted Description: An issue existed in the validation of extensions during installation. This was addressed through improved app verification. CVE-ID CVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc. removefile Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Processing malicious data may lead to unexpected application termination Description: An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines. These issues were addressed by updating SQLite to version 3.8.10.2. CVE-ID CVE-2015-5895 tidy Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in Tidy. This issues was addressed through improved memory handling. CVE-ID CVE-2015-5522 : Fernando Munoz of NULLGroup.com CVE-2015-5523 : Fernando Munoz of NULLGroup.com Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWAD3JAAoJEBcWfLTuOo7tqhIP+wbrK4nNIHsCMFxr+c3JyvLQ QFIsKBJwODOwx8HXF7IVx5qOTUMooR+r2uCtpnB9tdhHeCKE4wl4IjJRKtNmuKo8 cpCJP5jBDk1JGlms7htP9umRwa+J6o5BMiqJRYJWfUZKt5M180F1LwQRo5EexTYm oWoDLwqNXU8gl6xXFNVNsWDtgvhalpT1eTYj2WDts0lnS9lnaTQIBipIlcH+9T8M jOxZAaogwdN7F1WIP+DnoEI8f1rBPgq+WCY9hzYnRzIt8D7QPU3A9UVMPXRptlYD AUA5oynybu+72mlauHL4iZ4RJEMDQNDvCX0F3oDjJv9NxDnrNTYdVXor8IYffkXm u9byknmIKTwxR+FtMk7kS//C2PV8SGfigkvaYQt3OLEa3FeqwIl8+qtVF059QeBL WrBz0hcfOiB0mcm4CpDdtkNZCwROgyMgPv3vK5WqvcIDUe2rmCAP9XIuEgZDriCk U9A7pEwbcRaV3G9G9zCPQOxnXv/Ko2xjZPLEtcNvwBkel4Dd5nRQ5S7yyWF977Ds fx1pzFRtXDCTbjwDDN1XM78IV++nz8xQnaqh193Oq4a+GN3XeM70uE+dNpeOJiQh E/Cp9KI563FhoaZSR/01iiK8DD+YT/d6SnkWq02joP4VGvEpNzZ5Tv/68Peaw/QX W3j/7Rzc/PjuOCP0lDSI =PAVo -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

Unknown

CONFIGURATIONS

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Xiaofeng Zheng, Tsinghua University, Sam Greenhalgh, Andreas Kurtz, Erling Ellingsen, Amit Klein, Timothy J. Wood, Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin Gao, Yingjiu Li, Feng Bao and Jianying Zhou, 1x7e1, beist of grayhash, Filippo Bigarella,

SOURCES

LAST UPDATE DATE

2024-11-23T19:57:32.246000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE