Apple macOS vulnerabilities

CVE-2015-1141 [MEDIUM] CVE-2015-1141: The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to caus The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors.

CVE-2015-1099 [MEDIUM] CWE-362 CVE-2015-1099: Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, App Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app.

CVE-2015-1148 [MEDIUM] CWE-200 CVE-2015-1148: Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file.

CVE-2015-1088 [MEDIUM] CWE-20 CVE-2015-1088: CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly validate URLs, which a CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly validate URLs, which allows remote attackers to execute arbitrary code via a crafted web site.

CVE-2015-1091 [MEDIUM] CWE-200 CVE-2015-1091: The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not prope The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVE-2015-1100 [MEDIUM] CWE-119 CVE-2015-1100: The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attack The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.

CVE-2015-1118 [MEDIUM] CVE-2015-1118: libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attack libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.

CVE-2015-1104 [MEDIUM] CWE-20 CVE-2015-1104: The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not prop The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet.

CVE-2015-1139 [MEDIUM] CWE-20 CVE-2015-1139: ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a de ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file.

CVE-2015-1117 [MEDIUM] CWE-264 CVE-2015-1117: The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.

CVE-2015-1136 [MEDIUM] CVE-2015-1136: Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers t Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex.

CVE-2015-1147 [MEDIUM] CWE-200 CVE-2015-1147: Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in cer Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2015-1096 [LOW] CWE-200 CVE-2015-1096: IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attac IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

CVE-2015-1146 [LOW] CVE-2015-1146: The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145.

CVE-2015-1142 [LOW] CWE-20 CVE-2015-1142: LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data.

CVE-2015-1145 [LOW] CWE-310 CVE-2015-1145: The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146.

CVE-2015-1351 [HIGH] CWE-416 CVE-2015-1351: Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcac Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2015-2301 [HIGH] CWE-416 CVE-2015-2301: Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5. Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.

CVE-2015-2787 [HIGH] CVE-2015-2787: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.

CVE-2015-2348 [MEDIUM] CVE-2015-2348: The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability