CVE-2015-6984Improper Access Control in Apple MAC OS X

CWE-284Improper Access Control3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.4%
top 42.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple OS X EL Capitan 10.11.1 Security Update 2015-004 Yosemite AND Security Update 20
Timeline
PublishedOct 23
Latest updateMay 17

Description

libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.

CVSS vector

AV:N/AC:M/C:N/I:C/A:CExploitability: 8.6 | Impact: 9.2

Affected Packages2 packages

NVDapple/mac_os_x10.11.0

🔴Vulnerability Details

1
GHSA
GHSA-7f9h-v6mc-75v2: libarchive in Apple OS X before 102022-05-17

📋Vendor Advisories

1
Apple
CVE-2015-6984: OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks