CVE-2015-5755: CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…

CVE-2015-5761 [MEDIUM] CWE-119 GHSA-cw72-8fv8-g25v: CoreText in Apple iOS before 8 CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.

CVE-2015-5755 [MEDIUM] CWE-119 GHSA-p5g7-mvx2-57vw: CoreText in Apple iOS before 8 CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.

CVE-2015-5755 [MEDIUM] CVE-2015-5755: Apple TV 7.2.1 Apple Security Update: About the security content of Apple TV 7.2.1 Product: Apple TV Version: 7.2.1 CVE: CVE-2015-5755 Component: CVE-ID

CVE-2015-5755 [MEDIUM] CVE-2015-5755: OS X Yosemite v10.10.5 and Security Update 2015-006 Apple Security Update: About the security content of OS X Yosemite v10.10.5 and Security Update 2015-006 Product: OS X Yosemite v10.10.5 and Security Update 2015-006 CVE: CVE-2015-5755 Component: CVE-ID Impact: Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy. Description: Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.

CVE-2015-5755 [MEDIUM] CVE-2015-5755: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-5755 Component: CVE-ID

CVE-2015-5755 [MEDIUM] CVE-2015-5755: iTunes 12.3 Apple Security Update: About the security content of iTunes 12.3 Product: iTunes Version: 12.3 CVE: CVE-2015-5755 Component: CVE-ID Impact: Applications that use ICU may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of unicode strings. These issues were addressed by updating ICU to version 55.

CVE-2015-3141 Xeams 4.5 Build 5755 - Multiple Vulnerabilities Xeams 4.5 Build 5755 - Multiple Vulnerabilities --- # Exploit Title: Multiple vulnerabilities in Xeams 4.5 Build 5755 (CSRF/Stored XSS) # Date: 07-05-2015 # Exploit Author: Marlow Tannhauser # Contact: [email protected] # Vendor Homepage: http://www.synametrics.com # Software Link: http://web.synametrics.com/XeamsDownload.htm # Version: 4.5 Build 5755. Earlier versions may also be affected. # CVE: 2015-3141 (Xeams) # Category: Web apps # DISCLOSURE TIMELINE # 08/02/2015: Initial disclosure to vendor and CERT 09/02/2015: Acknowledgment of vulnerabilities from vendor 11/02/2015: Disclosure deadline of 01/03/2015 agreed with vendor 19/02/2015: Disclosure deadline renegotiated to 01/04/2015 at vendor's request 09/04/2015: Disclosure deadline renegotiated to 20/04/2015 at vendor's