APPLE-SA-2015-09-16-1

76764

1033609

https://support.apple.com/HT205212

The remote host is running a version of iOS that is prior to version 9.0 and the following components contain vulnerabilities :

 - Apple Pay 
 - AppleKeyStore 
 - Application Store 
 - Audio 
 - Certificate Trust Policy 
 - CFNetwork 
 - CFNetwork Cookies 
 - CFNetwork FTPProtocol 
 - CFNetwork Proxies 
 - CFNetwork SSL 
 - CoreAnimation 
 - CoreCrypto 
 - CoreText 
 - Data Detectors Engine 
 - Dev Tools 
 - Disk Images 
 - dyld 
 - Game Center 
 - ICU 
 - IOAcceleratorFamily 
 - IOHIDFamily 
 - IOKit 
 - IOMobileFrameBuffer 
 - IOStorageFamily 
 - iTunes Store 
 - JavaScriptCore 
 - Kernel 
 - libc 
 - libpthread 
 - Mail 
 - Multipeer Connectivity 
 - NetworkExtension 
 - OpenSSL 
 - PluginKit 
 - removefile 
 - Safari 
 - Safari Safe Browsing 
 - Security 
 - Siri 
 - SpringBoard 
 - SQLite 
 - tidy 
 - WebKit 
 - WebKit Canvas 
 - WebKit Page Loading

The mobile device is running a version of iOS prior to version 9.0. It is, therefore, affected by vulnerabilities in the following components :

  - Apple Pay
  - AppleKeyStore
  - Application Store
  - Audio
  - Certificate Trust Policy
  - CFNetwork
  - CFNetwork Cookies
  - CFNetwork FTPProtocol
  - CFNetwork Proxies
  - CFNetwork SSL
  - CommonCrypto 
  - CoreAnimation
  - CoreCrypto
  - CoreText
  - Data Detectors Engine
  - Dev Tools
  - Disk Images
  - dyld
  - Game Center
  - ICU
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOKit
  - IOMobileFrameBuffer
  - IOStorageFamily
  - iTunes Store
  - JavaScriptCore
  - Kernel
  - libc
  - libpthread
  - Mail
  - Multipeer Connectivity
  - NetworkExtension
  - OpenSSL
  - PluginKit
  - removefile
  - Safari
  - Safari Safe Browsing
  - Security
  - Siri
  - SpringBoard
  - SQLite
  - tidy
  - WebKit
  - WebKit Canvas
  - WebKit Page Loading

ID	Name	Product	Family	Severity
8979	Apple iOS < 9.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
85987	Apple iOS < 9.0 Multiple Vulnerabilities	Nessus	Mobile Devices	critical

CVE-2015-5857

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins