10 Déc 2015

CVE-2015-7075

Publié par . Publié dans Memory corruption

Vulnerability Details :

CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
Publish Date : 2015-12-11 Last Update Date : 2015-12-11

- CVSS Scores & Vulnerability Types

CVSS Score	6.8
Confidentiality Impact	Partial(There is considerable informational disclosure.)
Integrity Impact	Partial(Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact	Partial(There is reduced performance or interruptions in resource availability.)
Access Complexity	Medium(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication	Not required(Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Denial Of ServiceExecute CodeOverflowMemory corruption
CWE ID	119

- Products Affected By CVE-2015-7075

#	Product Type	Vendor	Product	Version
1	OS	Apple	Apple Tv	9.0	Version Details Vulnerabilities
2	OS	Apple	Iphone Os	9.1	Version Details Vulnerabilities
3	OS	Apple	Mac Os X	10.11.1	Version Details Vulnerabilities
4	OS	Apple	Watchos	2.0	Version Details Vulnerabilities