Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Mac Os X  >> 10.7.3  Security Vulnerabilities
CVE-2015-1133
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135.
CVSS Score
7.2
EPSS Score
0.001
Published
2015-04-10
CVE-2015-1132
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.
CVSS Score
10.0
EPSS Score
0.011
Published
2015-04-10
CVE-2015-1130
Known exploited
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.224
Published
2015-04-10
CVE-2015-1131
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.
CVSS Score
7.2
EPSS Score
0.001
Published
2015-04-10
CVE-2015-1118
libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.
CVSS Score
5.0
EPSS Score
0.009
Published
2015-04-10
CVE-2015-1117
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.
CVSS Score
6.9
EPSS Score
0.001
Published
2015-04-10
CVE-2015-1104
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet.
CVSS Score
5.0
EPSS Score
0.014
Published
2015-04-10
CVE-2015-1105
The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets.
CVSS Score
5.0
EPSS Score
0.062
Published
2015-04-10
CVE-2015-1103
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet.
CVSS Score
7.5
EPSS Score
0.015
Published
2015-04-10
CVE-2015-1102
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.
CVSS Score
7.1
EPSS Score
0.017
Published
2015-04-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved