Vulnerabilities > CVE-2015-5839 - 7PK - Security Features vulnerability in Apple mac OS X and Watchos
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
| NASL family | MacOS X Local Security Checks |
| NASL id | MACOSX_10_11.NASL |
| description | The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components : - Address Book - AirScan - apache_mod_php - Apple Online Store Kit - AppleEvents - Audio - bash - Certificate Trust Policy - CFNetwork Cookies - CFNetwork FTPProtocol - CFNetwork HTTPProtocol - CFNetwork Proxies - CFNetwork SSL - CoreCrypto - CoreText - Dev Tools - Disk Images - dyld - EFI - Finder - Game Center - Heimdal - ICU - Install Framework Legacy - Intel Graphics Driver - IOAudioFamily - IOGraphics - IOHIDFamily - IOStorageFamily - Kernel - libc - libpthread - libxpc - Login Window - lukemftpd - Mail - Multipeer Connectivity - NetworkExtension - Notes - OpenSSH - OpenSSL - procmail - remote_cmds - removefile - Ruby - Safari - Safari Downloads - Safari Extensions - Safari Safe Browsing - Security - SMB - SQLite - Telephony - Terminal - tidy - Time Machine - WebKit - WebKit CSS - WebKit JavaScript Bindings - WebKit Page Loading - WebKit Plug-ins Note that successful exploitation of the most serious issues can result in arbitrary code execution. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 86270 |
| published | 2015-10-05 |
| reporter | This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/86270 |
| title | Mac OS X < 10.11 Multiple Vulnerabilities (GHOST) |
References
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html
- https://support.apple.com/HT205212
- https://support.apple.com/HT205267
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html
- https://support.apple.com/HT205213
- http://www.securityfocus.com/bid/76764
- http://www.securitytracker.com/id/1033609