CVE-2015-5749Sensitive Information Exposure in Apple Iphone OS

CWE-200Sensitive Information Exposure4 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 46.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple Iphone OSApple TVApple IOS
Timeline
PublishedAug 17
Latest updateMay 17

Description

The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

Appleapple/ios8.4.1
Appleapple/apple_tv7.2.1

🔴Vulnerability Details

1
GHSA
GHSA-4g6q-mf75-jfx7: The Sandbox_profiles component in Apple iOS before 82022-05-17

📋Vendor Advisories

2
Apple
CVE-2015-5749: Apple TV 7.2.1
Apple
CVE-2015-5749: iOS 8.4.1
CVE-2015-5749 — Sensitive Information Exposure in Apple | cvebase