CVE-2015-3803Improper Input Validation in Apple Iphone OS

CWE-20Improper Input Validation5 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 80.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple Iphone OSApple MAC OS XApple TV+2 more
Timeline
PublishedAug 17
Latest updateMay 17

Description

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages5 packages

NVDapple/mac_os_x10.10.4
Appleapple/ios8.4.1
Appleapple/apple_tv7.2.1

🔴Vulnerability Details

1
GHSA
GHSA-hjgc-47rc-q2wh: Apple iOS before 82022-05-17

📋Vendor Advisories

3
Apple
CVE-2015-3803: iOS 8.4.1
Apple
CVE-2015-3803: OS X Yosemite v10.10.5 and Security Update 2015-006
Apple
CVE-2015-3803: Apple TV 7.2.1