CVE-2015-3759 — Link Following in Apple Iphone OS

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 83.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 16

Latest updateMay 17

Description

Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

▶Appleapple/ios8.4.1

GHSA

GHSA-r3cx-42vx-5v5p: Location Framework in Apple iOS before 8↗2022-05-17

▶

Apple

CVE-2015-3759: iOS 8.4.1↗

▶

Apple

CVE-2015-3759: Apple TV 7.2.1↗

▶