Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192

Vulnerabilities

Page 91 of 157
CVE-2015-5900 HIGH CVSS 7.1 ≤ 10.10.5 2015-10-09
CVE-2015-5900 [HIGH] CWE-254: The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value, which allows attackers to cause a denial of service (boot failure) via a crafted app that writes to an unintended address.
nvd
CVE-2015-5877 HIGH CVSS 7.2 ≤ 10.10.5 2015-10-09
CVE-2015-5877 [HIGH]: The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5830.
nvd
CVE-2015-5891 HIGH CVSS 7.2 ≤ 10.10.5 2015-10-09
CVE-2015-5891 [HIGH] CWE-119: The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
nvd
CVE-2015-5888 HIGH CVSS 7.2 ≤ 10.10.5 2015-10-09
CVE-2015-5888 [HIGH] CWE-264: The Install Framework Legacy component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving a privileged executable file.
nvd
CVE-2015-5833 HIGH CVSS 7.2 ≤ 10.10.5 2015-10-09
CVE-2015-5833 [HIGH] CWE-254: The Login Window component in Apple OS X before 10.11 does not ensure that the screen is locked at the intended time, which allows physically proximate attackers to obtain access by visiting an unattended workstation.
nvd
CVE-2015-5836 MEDIUM CVSS 4.3 ≤ 10.10.5 2015-10-09
CVE-2015-5836 [MEDIUM] CWE-200: Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.
nvd
CVE-2015-5897 MEDIUM CVSS 4.6 ≤ 10.10.5 2015-10-09
CVE-2015-5897 [MEDIUM] CWE-264: The Address Book framework in Apple OS X before 10.11 allows local users to gain privileges by using an environment variable to inject code into processes that rely on this framework.
nvd
CVE-2015-7760 MEDIUM CVSS 5.0 ≤ 10.10.5 2015-10-09
CVE-2015-7760 [MEDIUM] CWE-399: libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than CVE-2015-7761.
nvd
CVE-2015-5865 MEDIUM CVSS 4.3 ≤ 10.10.5 2015-10-09
CVE-2015-5865 [MEDIUM] CWE-200: IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
nvd
CVE-2015-5883 MEDIUM CVSS 5.0 ≤ 10.10.5 2015-10-09
CVE-2015-5883 [MEDIUM] CWE-20: The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 10.11 interpret directional override formatting characters differently, which allows remote attackers to spoof the content of a text document via a crafted character sequence.
nvd
CVE-2015-5894 MEDIUM CVSS 4.3 ≤ 10.10.5 2015-10-09
CVE-2015-5894 [MEDIUM] CWE-17: The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.
nvd
CVE-2015-5914 MEDIUM CVSS 4.7 ≤ 10.10.5 2015-10-09
CVE-2015-5914 [MEDIUM]: The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete fix for CVE-2014-4498.
nvd
CVE-2015-5902 MEDIUM CVSS 4.9 ≤ 10.10.5 2015-10-09
CVE-2015-5902 [MEDIUM]: The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local users to cause a denial of service via unspecified vectors.
nvd
CVE-2015-7761 MEDIUM CVSS 5.0 ≤ 10.10.5 2015-10-09
CVE-2015-7761 [MEDIUM]: Mail in Apple OS X before 10.11 does not properly recognize user preferences, which allows attackers to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760.
nvd
CVE-2015-5915 MEDIUM CVSS 5.0 ≤ 10.10.5 2015-10-09
CVE-2015-5915 [MEDIUM] CWE-17: Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors.
nvd
CVE-2015-5849 MEDIUM CVSS 6.8 ≤ 10.10.5 2015-10-09
CVE-2015-5849 [MEDIUM] CWE-264: The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection.
nvd
CVE-2015-5913 MEDIUM CVSS 6.8 ≤ 10.10.5 2015-10-09
CVE-2015-5913 [MEDIUM] CWE-284: Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request.
nvd
CVE-2015-5878 LOW CVSS 2.1 ≤ 10.10.5 2015-10-09
CVE-2015-5878 [LOW] CWE-200: Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive information via unspecified vectors.
nvd
CVE-2015-5870 LOW CVSS 2.1 ≤ 10.10.5 2015-10-09
CVE-2015-5870 [LOW] CWE-200: The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain sensitive memory-layout information via unspecified vectors.
nvd
CVE-2015-5853 LOW CVSS 3.3 ≤ 10.10.5 2015-10-09
CVE-2015-5853 [LOW] CWE-200: AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors.
nvd