APPLE-SA-2015-10-21-1

77268

1033929

https://support.apple.com/HT205370

The remote host is running a version of iOS that is prior to version 9.1 and the following components contain vulnerabilities :

 - Accelerate Framework (CVE-2015-5940)
 - Bom CVE-2015-7006)
 - CFNetwork (CVE-2015-7023)
 - configd (CVE-2015-7015)
 - CoreGraphics (CVE-2015-5925, CVE-2015-5926)
 - CoreText (CVE-2015-6975, CVE-2015-6992, CVE-2015-7017)
 - Disk Images (CVE-2015-6995)
 - FontParser (CVE-2015-5927, CVE-2015-5942, CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, CVE-2015-7018)
 - GasGauge (CVE-2015-6979)
 - Grand Central Dispatch (CVE-2015-6989)
 - Graphics Driver (CVE-2015-6986)
 - ImageIO (CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5939)
 - IOAcceleratorFamily (CVE-2015-6996)
 - IOHIDFamily (CVE-2015-6974)
 - Kernel (CVE-2015-7004, CVE-2015-6988, CVE-2015-6994)
 - Notification Center (CVE-2015-7000)
 - OpenGL (CVE-2015-5924)
 - Security (CVE-2015-6983, CVE-2015-6999, CVE-2015-6997)
 - Telephony (CVE-2015-7022)
 - WebKit (CVE-2015-5928, CVE-2015-5929, CVE-2015-5930, CVE-2015-6981, CVE-2015-6982, CVE-2015-7002, CVE-2015-7005, CVE-2015-7012, CVE-2015-7014)

The mobile device is running a version of iOS prior to version 9.1. It is, therefore, affected by multiple vulnerabilities in the following components :

  - Accelerate Framework (CVE-2015-5940)

  - Bom CVE-2015-7006)

  - CFNetwork (CVE-2015-7023)

  - configd (CVE-2015-7015)

  - CoreGraphics (CVE-2015-5925, CVE-2015-5926)

  - CoreText (CVE-2015-6975, CVE-2015-6992, CVE-2015-7017)

  - Disk Images (CVE-2015-6995)

  - FontParser (CVE-2015-5927, CVE-2015-5942, CVE-2015-6976,     CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,     CVE-2015-6991, CVE-2015-6993, CVE-2015-7008,     CVE-2015-7009, CVE-2015-7010, CVE-2015-7018)

  - GasGauge (CVE-2015-6979)

  - Grand Central Dispatch (CVE-2015-6989)

  - Graphics Driver (CVE-2015-6986)

  - ImageIO (CVE-2015-5935, CVE-2015-5936, CVE-2015-5937,     CVE-2015-5939)

  - IOAcceleratorFamily (CVE-2015-6996)

  - IOHIDFamily (CVE-2015-6974)

  - Kernel (CVE-2015-7004, CVE-2015-6988, CVE-2015-6994)

  - Notification Center (CVE-2015-7000)

  - OpenGL (CVE-2015-5924)

  - Security (CVE-2015-6983, CVE-2015-6999, CVE-2015-6997)

  - Telephony (CVE-2015-7022)

  - WebKit (CVE-2015-5928, CVE-2015-5929, CVE-2015-5930,     CVE-2015-6981, CVE-2015-6982, CVE-2015-7002,     CVE-2015-7005, CVE-2015-7012, CVE-2015-7014)

ID	Name	Product	Family	Severity
9328	Apple iOS < 9.1 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
86571	Apple iOS < 9.1 Multiple Vulnerabilities	Nessus	Mobile Devices	critical

CVE-2015-7004

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins