Apple iOS vulnerabilities
3,940 known vulnerabilities affecting apple/iphone_os.
Total CVEs: 3,940
CISA KEV: 92 (actively exploited)
Public exploits: 248
Exploited in wild: 79
Severity breakdown: CRITICAL 313, HIGH 1610, MEDIUM 1730, LOW 287
Vulnerabilities
CVE-2015-5851 [LOW] CVSS 2.1, CWE-200, ≤ 8.4.1, 2015-09-18
The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an encrypted-to-unencrypted downgrade attack.
nvd
CVE-2015-5892 [LOW] CVSS 2.1, CWE-200, ≤ 8.4.1, 2015-09-18
Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by listening to a device in the lock-screen state.
nvd
CVE-2015-5898 [LOW] CVSS 2.1, CWE-200, ≤ 8.4.1, 2015-09-18
CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.
nvd
CVE-2015-5757 [CRITICAL] CVSS 9.3, CWE-119, ≤ 8.4, 2015-08-17
libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.
nvd
CVE-2015-3795 [CRITICAL] CVSS 9.3, CWE-119, ≤ 8.4, 2015-08-17
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.
nvd
CVE-2015-3802 [HIGH] CVSS 7.2, CWE-20, ≤ 8.4, 2015-08-17
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805.
nvd
CVE-2015-5774 [HIGH] CVSS 7.2, CWE-119, ≤ 8.4, 2015-08-17
Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.
nvd
CVE-2015-5776 [HIGH] CVSS 7.5, CWE-119, ≤ 8.4, 2015-08-17
Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.
nvd
CVE-2015-5775 [HIGH] CVSS 7.5, ≤ 8.4, 2015-08-17
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
nvd
CVE-2015-3797 [HIGH] CVSS 7.5, ≤ 8.4, 2015-08-17
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3798.
nvd
CVE-2015-3804 [HIGH] CVSS 7.5, CWE-119, ≤ 8.4, 2015-08-17
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.
nvd
CVE-2015-5769 [HIGH] CVSS 7.1, ≤ 8.4, 2015-08-17
The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.
nvd
CVE-2015-3803 [HIGH] CVSS 7.2, CWE-20, ≤ 8.4, 2015-08-17
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.
nvd
CVE-2015-3805 [HIGH] CVSS 7.2, ≤ 8.4, 2015-08-17
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.
nvd
CVE-2015-3796 [HIGH] CVSS 7.5, PoC, CWE-119, ≤ 8.4, 2015-08-17
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798.
nvd
CVE-2015-3800 [HIGH] CVSS 7.2, CWE-119, ≤ 8.4, 2015-08-17
The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
nvd
CVE-2015-3798 [HIGH] CVSS 7.5, PoC, ≤ 8.4, 2015-08-17
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797.
nvd
CVE-2015-3806 [HIGH] CVSS 7.2, CWE-284, ≤ 8.4, 2015-08-17
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.
nvd
CVE-2015-5746 [MEDIUM] CVSS 5.0, CWE-284, ≤ 8.4, 2015-08-17
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.
nvd
CVE-2015-5778 [MEDIUM] CVSS 6.8, ≤ 8.4, 2015-08-17
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.
nvd