SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   OS (UNIX)  >   Apple macOS/OS X Vendors:   Apple
Apple OS X Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, and Deny Service and Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1033276
SecurityTracker URL:  http://securitytracker.com/id/1033276
CVE Reference:   CVE-2014-7844, CVE-2015-3757, CVE-2015-3760, CVE-2015-3761, CVE-2015-3762, CVE-2015-3764, CVE-2015-3765, CVE-2015-3767, CVE-2015-3769, CVE-2015-3770, CVE-2015-3771, CVE-2015-3772, CVE-2015-3773, CVE-2015-3774, CVE-2015-3775, CVE-2015-3777, CVE-2015-3779, CVE-2015-3780, CVE-2015-3781, CVE-2015-3783, CVE-2015-3786, CVE-2015-3787, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-3794, CVE-2015-3799, CVE-2015-5747, CVE-2015-5748, CVE-2015-5750, CVE-2015-5751, CVE-2015-5753, CVE-2015-5754, CVE-2015-5763, CVE-2015-5768, CVE-2015-5771, CVE-2015-5772, CVE-2015-5779, CVE-2015-5783, CVE-2015-5784   (Links to External Site)
Date:  Aug 14 2015
Impact:   Denial of service via local system, Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, Root access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 10.10 - 10.10.4
Description:   Multiple vulnerabilities were reported in Apple OS X. A remote user can cause arbitrary code to be executed on the target user's system. A local user can cause denial of service conditions on the target system. A remote user can cause denial of service conditions on the target system. A remote user can modify files on the target system. A local user can gain system privileges on the target system. A remote user can obtain potentially sensitive information on the target system.

An application can exploit a flaw in the Apple ID OD Plug-in to change the password of a user on the system [CV-2015-3799].

An application can trigger a flaw in AppleGraphicsControl to determine kernel memory layout [CVE-2015-5768].

A local user can trigger a memory corruption error in IOBluetoothHCIController to execute arbitrary code with system privileges [CVE-2015-3779].

An application can exploit a flaw in Bluetooth to determine kernel memory layout [CVE-2015-3780].

An application can exploit a flaw in Bluetooth to access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service [CVE-2015-3786].

A remote user in a privileged network position can send specially crafted Bluetooth packets to cause denial of service conditions [CVE-2015-3787].

A local user can trigger buffer overflows in 'blued' in the processing of XPC messages to execute arbitrary code [CVE-2015-3777].

A remote user can create a series of specially crafted unicode characters that, when processed by the target application, will trigger a memory corruption error in the Data Detectors Engine and execute arbitrary code [CVE-2015-5750].

An error in the Date and Time preference pane may cause applications that use system time to have unexpected behavior [CVE-2015-3757].

A remote user in a privileged network position can monitor the target user's Dictionary app queries [CVE-2015-3774].

A local user can trigger a path validation flaw in dyld to execute arbitrary code with system privileges [CVE-2015-3760].

An application can exploit a flaw in the 'Install.framework' 'runner' in the management of privileges to execute arbitrary code with root privileges [CVE-2015-5754, CVE-2015-5784].

A local user can trigger a memory corruption error in IOFireWireFamily to execute arbitrary code with system privileges [CVE-2015-3769, CVE-2015-3771, CVE-2015-3772].

An application can trigger a memory corruption error in IOGraphics to execute arbitrary code with system privileges [CVE-2015-3770, CVE-2015-5783].

A local user can trigger a flaw in the fasttrap driver to consume excessive resources on the target system [CVE-2015-5747].

A local user can exploit a validation flaw in the mounting of HFS volumes to cause denial of service conditions on the target system [CVE-2015-5748].

A local user can trigger a path validation flaw in the kernel to execute arbitrary code with system privileges [CVE-2015-3761].

A local user can trigger a memory corruption error in IOBluetoothHCIController to execute arbitrary code with system privileges [

A local user can exploit a validation flaw in mailx to execute arbitrary shell commands [CVE-2014-7844].

An application can exploit a flaw in the Notification Center to access all notifications previously displayed to users [CVE-2015-3764].

A local user can trigger a memory corruption error in NTFS to execute arbitrary code with system privileges [CVE-2015-5763]

A remote user can create a specially crafted QuickTime file that, when loaded by the target user, will trigger a memory corruption error in the Quartz Composer Framework and execute arbitrary code [CVE-2015-5771].

A local user can search for a previously viewed website to cause the web browser to launch and render that website [CVE-2015-3781].

A remote user can create a specially crafted file that, when loaded by the target user, will trigger a memory corruption error in QuickTime and execute arbitrary code [CVE-2015-3765, CVE-2015-3772, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, CVE-2015-5779].

A remote user can create a specially crafted Collada file that, when loaded by the target user, will trigger a heap overflow in SceneKit and execute arbitrary code [CVE-2015-5772].

A remote user can trigger a memory corruption error in SceneKit and execute arbitrary code [CVE-2015-3783].

A local user can obtain admin privileges [CVE-2015-3775].

A remote user can trigger a memory corruption error in the SMB client to execute arbitrary code [CVE-2015-3773].

A remote user can create a specially crafted unicode string that, when parsed by the target application, will trigger a memory corruption error in the Speech UI and execute arbitrary code [CVE-2015-3794].

A remote user can create a specially crafted text file containing an external entity reference that, when loaded by the target user, will disclose user information [CVE-2015-3762].

A remote user can create a specially crafted DMG file that, when loaded by the target user, will trigger a memory corruption error in udf and execute arbitrary code with system privileges [CVE-2015-3767].

An anonymous researcher working (via HP's Zero Day Initiative), JieTao Yang of KeenTeam, Teddy Reed of Facebook Security, Roberto Paleari and Aristide Fattori of Emaze Networks, Xiaolong Bai (Tsinghua University), System Security Lab (Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University), Trend Micro, mitp0sh of [PDX], M1x7e1 of Safeye Team (www.safeye.org), Mark S C Smith, Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team, beist of grayhash, Stefan Esser, Ian Beer of Google Project Zero, Ilja van Sprundel, Maxime VILLARD of m00nbsd, Jonathan Zdziarski, Andrew Pouliot of Facebook, Anto Loyola of Qubole, Joe Burnett of Audio Poison, Ryan Pentney and Richard Johnson of Cisco Talos, WalkerFuz, Haris Andrianakis of Google Security Team, [Eldon Ahrold], Adam Greenbaum of Refinitive, and Xiaoyong Wu of the Evernote Security Team reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote or local user can cause denial of service conditions on the target system.

A local user can obtain system privileges on the target system.

A remote user can obtain potentially sensitive information on the target system.

Solution:   The vendor has issued a fix (10.10.5, Security Update 2015-006).

The vendor's advisory is available at:

https://support.apple.com/kb/HT205031

Vendor URL:  support.apple.com/kb/HT205031 (Links to External Site)
Cause:   Access control error, Boundary error, Input validation error, Resource error

Message History:   This archive entry has one or more follow-up message(s) listed below.
Aug 21 2015 (Apple Issues Fix for QuickTime for Windows) Apple OS X Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, and Deny Service and Let Local Users Gain Elevated Privileges
Apple has issued an advisory for QuickTime on Windows.
Sep 17 2015 (Apple Issues Fix for Apple iOS) Apple OS X Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, and Deny Service and Let Local Users Gain Elevated Privileges
Apple has issued a fix for Apple iOS.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC