Apple: >> Mac Os X >> 10.7.3 Security Vulnerabilities
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.
CVSS Score
6.8
EPSS Score
0.019
Published
2015-07-03
The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
CVSS Score
6.8
EPSS Score
0.018
Published
2015-07-03
The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS Score
9.3
EPSS Score
0.024
Published
2015-07-03
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3681.
CVSS Score
6.8
EPSS Score
0.02
Published
2015-07-03
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682.
CVSS Score
6.8
EPSS Score
0.02
Published
2015-07-03
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3682.
CVSS Score
6.8
EPSS Score
0.02
Published
2015-07-03
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-2015-3682.
CVSS Score
6.8
EPSS Score
0.02
Published
2015-07-03
AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.
CVSS Score
7.2
EPSS Score
0.002
Published
2015-07-03
The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-07-03
The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.
CVSS Score
5.0
EPSS Score
0.003
Published
2015-07-03