Details of VAR-201510-0160

ID

VAR-201510-0160

CVE

CVE-2015-6995

TITLE

Apple iOS and OS X Disk image component vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-005558

DESCRIPTION

The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. Apple iOS and Mac OS X are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions, overwrite arbitrary files and cause denial-of-service conditions. in the United States. The former is an operating system developed for mobile devices. The latter is a dedicated operating system developed for Mac computers. Disk Images is one of the disk image format components. The vulnerability is caused by the program not correctly parsing disk images

Trust: 1.98

sources: NVD: CVE-2015-6995 // JVNDB: JVNDB-2015-005558 // BID: 77263 // VULHUB: VHN-84956

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	9.0.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.1 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.1 (iphone 4s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.1 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	9.0.2	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.0	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3

sources: BID: 77263 // JVNDB: JVNDB-2015-005558 // CNNVD: CNNVD-201510-543 // NVD: CVE-2015-6995

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-6995
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-6995
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201510-543
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-84956
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-6995
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-84956
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-84956 // JVNDB: JVNDB-2015-005558 // CNNVD: CNNVD-201510-543 // NVD: CVE-2015-6995

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-84956 // JVNDB: JVNDB-2015-005558 // NVD: CVE-2015-6995

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201510-543

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201510-543

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005558

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-84956

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007	url:	http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html	Trust: 0.8
title:	APPLE-SA-2015-10-21-1 iOS 9.1	url:	http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html	Trust: 0.8
title:	HT205370	url:	https://support.apple.com/en-us/HT205370	Trust: 0.8
title:	HT205375	url:	https://support.apple.com/en-us/HT205375	Trust: 0.8
title:	HT205370	url:	http://support.apple.com/ja-jp/HT205370	Trust: 0.8
title:	HT205375	url:	http://support.apple.com/ja-jp/HT205375	Trust: 0.8
title:	Apple iOS and OS X Disk Images Fixes for component security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58387	Trust: 0.6

sources: JVNDB: JVNDB-2015-005558 // CNNVD: CNNVD-201510-543

EXTERNAL IDS

db:	NVD	id:	CVE-2015-6995	Trust: 2.8
db:	BID	id:	77263	Trust: 1.4
db:	SECTRACK	id:	1033929	Trust: 1.1
db:	JVN	id:	JVNVU92655282	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-005558	Trust: 0.8
db:	CNNVD	id:	CNNVD-201510-543	Trust: 0.7
db:	PACKETSTORM	id:	135425	Trust: 0.1
db:	EXPLOIT-DB	id:	39381	Trust: 0.1
db:	VULHUB	id:	VHN-84956	Trust: 0.1

sources: VULHUB: VHN-84956 // BID: 77263 // JVNDB: JVNDB-2015-005558 // CNNVD: CNNVD-201510-543 // NVD: CVE-2015-6995

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/oct/msg00002.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/oct/msg00005.html	Trust: 1.7
url:	https://support.apple.com/ht205370	Trust: 1.7
url:	https://support.apple.com/ht205375	Trust: 1.7
url:	http://www.securityfocus.com/bid/77263	Trust: 1.1
url:	http://www.securitytracker.com/id/1033929	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6995	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu92655282/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6995	Trust: 0.8
url:	http://www.apple.com/ios/	Trust: 0.3
url:	http://www.apple.com/ipad/	Trust: 0.3
url:	http://www.apple.com/iphone/	Trust: 0.3
url:	http://www.apple.com/ipodtouch/	Trust: 0.3

sources: VULHUB: VHN-84956 // BID: 77263 // JVNDB: JVNDB-2015-005558 // CNNVD: CNNVD-201510-543 // NVD: CVE-2015-6995

CREDITS

Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Hu

Trust: 0.3

sources: BID: 77263

SOURCES

db:	VULHUB	id:	VHN-84956
db:	BID	id:	77263
db:	JVNDB	id:	JVNDB-2015-005558
db:	CNNVD	id:	CNNVD-201510-543
db:	NVD	id:	CVE-2015-6995

LAST UPDATE DATE

2024-11-23T21:03:41.512000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-84956	date:	2016-12-24T00:00:00
db:	BID	id:	77263	date:	2016-01-12T02:01:00
db:	JVNDB	id:	JVNDB-2015-005558	date:	2015-10-27T00:00:00
db:	CNNVD	id:	CNNVD-201510-543	date:	2015-10-26T00:00:00
db:	NVD	id:	CVE-2015-6995	date:	2024-11-21T02:36:00.877

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-84956	date:	2015-10-23T00:00:00
db:	BID	id:	77263	date:	2015-10-21T00:00:00
db:	JVNDB	id:	JVNDB-2015-005558	date:	2015-10-27T00:00:00
db:	CNNVD	id:	CNNVD-201510-543	date:	2015-10-26T00:00:00
db:	NVD	id:	CVE-2015-6995	date:	2015-10-23T21:59:36.780