CVE-2015-1095high
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device.
References
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html
http://www.securitytracker.com/id/1032048
https://support.apple.com/HT204659
Details
Source: MITRE
Published: 2015-04-10
Updated: 2019-03-08
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 7.2
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 3.9
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to 7.1 (inclusive)
Configuration 2
OR
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.10.2 (inclusive)
Configuration 3
OR
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 8.2 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 700510 | Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities | Nessus Network Monitor | Operating System Detection | critical |
| 8803 | Apple iOS < 8.3 Multiple Vulnerabilities | Nessus Network Monitor | Mobile Devices | high |
| 8802 | Apple TV < 7.2 Multiple Vulnerabilities | Nessus Network Monitor | Internet Services | high |
| 82712 | Apple TV < 7.2 Multiple Vulnerabilities | Nessus | Misc. | critical |
| 82703 | Apple iOS < 8.3 Multiple Vulnerabilities | Nessus | Mobile Devices | high |
| 82699 | Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK) | Nessus | MacOS X Local Security Checks | critical |
| 8672 | Mac OS X < 10.10.3 Multiple Vulnerabilities | Nessus Network Monitor | Operating System Detection | critical |