Details of VAR-201512-0182

ID

VAR-201512-0182

CVE

CVE-2015-7112

TITLE

plural Apple Product IOHIDFamily API Vulnerable to arbitrary code execution in a privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2015-006353

DESCRIPTION

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.2, watchOS 2.1, OS X 10.11.2, and tvOS 9.1 are vulnerable. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. The IOHIDFamily API is one of the kernel extensions (Abstract Interface for Human Interface Devices) API components. A security vulnerability exists in the IOHIDFamily API component of several Apple products

Trust: 1.98

sources: NVD: CVE-2015-7112 // JVNDB: JVNDB-2015-006353 // BID: 78719 // VULHUB: VHN-85073

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.1	Trust: 1.4
vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.1	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lte	version:	9.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	9.1	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lte	version:	2.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (iphone 4s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	9.2 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	9.1 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	2.1 (apple watch edition)	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	2.1 (apple watch hermes)	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	2.1 (apple watch sport)	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	2.1 (apple watch)	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	9.1	Trust: 0.6
vendor:	apple	model:	watchos	scope:	eq	version:	2.0	Trust: 0.6
vendor:	apple	model:	tv	scope:	eq	version:	9.0	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3

sources: BID: 78719 // JVNDB: JVNDB-2015-006353 // CNNVD: CNNVD-201512-392 // NVD: CVE-2015-7112

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7112
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-7112
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201512-392
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-85073
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-7112
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-85073
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-85073 // JVNDB: JVNDB-2015-006353 // CNNVD: CNNVD-201512-392 // NVD: CVE-2015-7112

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-85073 // JVNDB: JVNDB-2015-006353 // NVD: CVE-2015-7112

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-392

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201512-392

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-006353

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-85073

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2015-12-08-1 iOS 9.2	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html	Trust: 0.8
title:	APPLE-SA-2015-12-08-4 watchOS 2.1	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html	Trust: 0.8
title:	APPLE-SA-2015-12-08-2 tvOS 9.1	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html	Trust: 0.8
title:	APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008	url:	http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html	Trust: 0.8
title:	HT205635	url:	https://support.apple.com/en-us/HT205635	Trust: 0.8
title:	HT205641	url:	https://support.apple.com/en-us/HT205641	Trust: 0.8
title:	HT205640	url:	https://support.apple.com/en-us/HT205640	Trust: 0.8
title:	HT205637	url:	https://support.apple.com/en-us/HT205637	Trust: 0.8
title:	HT205641	url:	http://support.apple.com/ja-jp/HT205641	Trust: 0.8
title:	HT205640	url:	http://support.apple.com/ja-jp/HT205640	Trust: 0.8
title:	HT205637	url:	http://support.apple.com/ja-jp/HT205637	Trust: 0.8
title:	HT205635	url:	http://support.apple.com/ja-jp/HT205635	Trust: 0.8
title:	Multiple Apple product IOHIDFamily API Fixes for component buffer overflow vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59210	Trust: 0.6

sources: JVNDB: JVNDB-2015-006353 // CNNVD: CNNVD-201512-392

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7112	Trust: 2.8
db:	BID	id:	78719	Trust: 2.0
db:	SECTRACK	id:	1034344	Trust: 1.7
db:	JVN	id:	JVNVU97526033	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-006353	Trust: 0.8
db:	CNNVD	id:	CNNVD-201512-392	Trust: 0.7
db:	PACKETSTORM	id:	135427	Trust: 0.1
db:	EXPLOIT-DB	id:	39379	Trust: 0.1
db:	VULHUB	id:	VHN-85073	Trust: 0.1

sources: VULHUB: VHN-85073 // BID: 78719 // JVNDB: JVNDB-2015-006353 // CNNVD: CNNVD-201512-392 // NVD: CVE-2015-7112

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00000.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00001.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00005.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/dec/msg00002.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/78719	Trust: 1.7
url:	https://support.apple.com/ht205635	Trust: 1.7
url:	https://support.apple.com/ht205637	Trust: 1.7
url:	https://support.apple.com/ht205640	Trust: 1.7
url:	https://support.apple.com/ht205641	Trust: 1.7
url:	http://www.securitytracker.com/id/1034344	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7112	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu97526033/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7112	Trust: 0.8
url:	http://www.apple.com/ios/	Trust: 0.3
url:	http://www.apple.com/accessibility/tvos/	Trust: 0.3
url:	http://www.apple.com/watchos-2/	Trust: 0.3
url:	http://www.apple.com/ipad/	Trust: 0.3
url:	http://www.apple.com/iphone/	Trust: 0.3
url:	http://www.apple.com/ipodtouch/	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3

sources: VULHUB: VHN-85073 // BID: 78719 // JVNDB: JVNDB-2015-006353 // CNNVD: CNNVD-201512-392 // NVD: CVE-2015-7112

CREDITS

Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt, j00ru, John Villamil (@day6reak),Yahoo Pentest Team

Trust: 0.3

sources: BID: 78719

SOURCES

db:	VULHUB	id:	VHN-85073
db:	BID	id:	78719
db:	JVNDB	id:	JVNDB-2015-006353
db:	CNNVD	id:	CNNVD-201512-392
db:	NVD	id:	CVE-2015-7112

LAST UPDATE DATE

2024-11-23T21:15:42.792000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-85073	date:	2019-03-08T00:00:00
db:	BID	id:	78719	date:	2016-01-12T02:01:00
db:	JVNDB	id:	JVNDB-2015-006353	date:	2015-12-15T00:00:00
db:	CNNVD	id:	CNNVD-201512-392	date:	2019-03-13T00:00:00
db:	NVD	id:	CVE-2015-7112	date:	2024-11-21T02:36:14.980

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-85073	date:	2015-12-11T00:00:00
db:	BID	id:	78719	date:	2015-12-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-006353	date:	2015-12-15T00:00:00
db:	CNNVD	id:	CNNVD-201512-392	date:	2015-12-14T00:00:00
db:	NVD	id:	CVE-2015-7112	date:	2015-12-11T12:00:09.197