CVE-2015-7760Sensitive Information Exposure in Apple MAC OS X

CWE-399CWE-200Sensitive Information Exposure4 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.7%
top 27.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple MAC OS X
Timeline
PublishedOct 9
Latest updateMay 17

Description

libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than CVE-2015-7761.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/mac_os_x10.10.5

🔴Vulnerability Details

2
GHSA
GHSA-7gjf-rgwx-5x5v: Mail in Apple OS X before 102022-05-17
GHSA
GHSA-xvmg-gg95-h6hm: libxpc in launchd in Apple OS X before 102022-05-17