CVE-2015-6995
published 2015-10-23CVE-2015-6995: The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial…
PriorityP343medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
6.49%
92.9th percentile
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | <= 9.0.2 | — |
| apple | mac_os_x | <= 10.11.0 | — |
| apple | os_x_el_capitan_10.11.1_security_update_2015-004_yosemite_and_security_update_20 | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9f67-89h4-wvpf: The Disk Images component in Apple iOS before 9
ghsa_unreviewed·2022-05-17
CVE-2015-6995 [MEDIUM] CWE-119 GHSA-9f67-89h4-wvpf: The Disk Images component in Apple iOS before 9
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
Apple
CVE-2015-6995: OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks
vendor_apple·CVSS 6.8
CVE-2015-6995 [MEDIUM] CVE-2015-6995: OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks
Apple Security Update: About the security content of OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks
Product: OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks
CVE: CVE-2015-6995
Component: CVE-ID
Apple
CVE-2015-6995: iOS 9.1
vendor_apple·CVSS 6.8
CVE-2015-6995 [MEDIUM] CVE-2015-6995: iOS 9.1
Apple Security Update: About the security content of iOS 9.1
Product: iOS
Version: 9.1
CVE: CVE-2015-6995
Component: CVE-ID
No detection rules found.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Oct/msg00005.htmlhttp://www.securityfocus.com/bid/77263http://www.securitytracker.com/id/1033929https://support.apple.com/HT205370https://support.apple.com/HT205375http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Oct/msg00005.htmlhttp://www.securityfocus.com/bid/77263http://www.securitytracker.com/id/1033929https://support.apple.com/HT205370https://support.apple.com/HT205375
2015-10-23
Published