Apple: >> Mac Os X >> 10.2.3 Security Vulnerabilities
Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.0
Published
2015-08-16
The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.
CVSS Score
4.8
EPSS Score
0.001
Published
2015-08-16
The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.022
Published
2015-08-16
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.
CVSS Score
7.2
EPSS Score
0.001
Published
2015-08-16
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.
CVSS Score
7.2
EPSS Score
0.001
Published
2015-08-16
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.
CVSS Score
9.3
EPSS Score
0.011
Published
2015-08-16
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772.
CVSS Score
7.2
EPSS Score
0.001
Published
2015-08-16
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.
CVSS Score
9.3
EPSS Score
0.01
Published
2015-08-16
udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
CVSS Score
7.2
EPSS Score
0.001
Published
2015-08-16
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.
CVSS Score
4.3
EPSS Score
0.005
Published
2015-08-16