CVE-2015-8659

CRITICAL

Details

Source: MITRE

Published: 2016-01-12

Updated: 2019-03-08

Type: CWE-119

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.11.3 (inclusive)

Configuration 2

OR

cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:* versions up to 1.5.0 (inclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 9.2.1 (inclusive)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to 9.1 (inclusive)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to 2.1 (inclusive)

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
95521GLSA-201612-06 : nghttp2: Heap-use-after-freeNessusGentoo Local Security Checks
critical
9336Apple TV < 9.2 Multiple VulnerabilitiesNessus Network MonitorInternet Services
critical
9327Mac OS X 10.11.x < 10.11.4 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
9331Apple iOS < 9.3 Multiple VulnerabilitiesNessus Network MonitorMobile Devices
high
90309Apple TV < 9.2 Multiple VulnerabilitiesNessusMisc.
critical
90118Apple iOS < 9.3 Multiple VulnerabilitiesNessusMobile Devices
critical
90096Mac OS X 10.11.x < 10.11.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
89578Fedora 22 : nghttp2-1.6.0-1.fc22 (2016-8e13ac5754)NessusFedora Local Security Checks
critical
89545Fedora 23 : nghttp2-1.6.0-1.fc23 (2016-54f85ec6e8)NessusFedora Local Security Checks
critical
88501FreeBSD : nghttp2 -- use after free (93eadedb-c6a6-11e5-96d6-14dae9d210b8)NessusFreeBSD Local Security Checks
critical