CVE-2015-1066 — Off-by-one Error in Apple MAC OS X

CWE-1895 documents4 sources

Severity

10.0CRITICALNVD

EPSS

1.2%

top 21.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple About Security Update 2015-002

Timeline

PublishedMar 12

Latest updateMay 17

Description

Off-by-one error in IOAcceleratorFamily in Apple OS X through 10.10.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDapple/mac_os_x10.10.2

▶Appleapple/about_security_update_2015-002

🔴Vulnerability Details

GHSA

GHSA-h4vr-mppx-f2fr: Off-by-one error in IOAcceleratorFamily in Apple OS X through 10↗2022-05-17

▶

📋Vendor Advisories

Apple

CVE-2015-1066: About Security Update 2015-002↗

▶

💬Community

Bugzilla

CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize↗2015-06-17

▶

Bugzilla

CVE-2015-4602 php: Incomplete Class unserialization type confusion↗2015-06-17

▶