Vulnerabilities > CVE-2015-7030 - Code vulnerability in Apple Xcode

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

apple

CWE-17

nessus

NVD

Published: 2015-10-23

Updated: 2016-12-24

Summary

The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors.

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Xcode - Apple Xcode 1.5.0 Apple Xcode 2.0.0 Apple Xcode 2.1.0 Apple Xcode 2.2.0 Apple Xcode 2.3.0 Apple Xcode 2.4.0 Apple Xcode 2.4.1 Apple Xcode 3.1 Apple Xcode 3.1.1 Apple Xcode 3.1.2 Apple Xcode 3.1.3 Apple Xcode 3.1.4 Apple Xcode 3.2.1 Apple Xcode 3.2.2 Apple Xcode 3.2.3 Apple Xcode 3.2.4 Apple Xcode 3.2.5 Apple Xcode 4.0 Apple Xcode 4.0.1 Apple Xcode 4.0.2 Apple Xcode 4.1 Apple Xcode 4.1.1 Apple Xcode 4.2 Apple Xcode 4.2.1 Apple Xcode 4.3 Apple Xcode 4.3.1 Apple Xcode 4.3.2 Apple Xcode 4.3.3 Apple Xcode 4.4 Apple Xcode 4.4.1 Apple Xcode 4.5 Apple Xcode 4.5.1 Apple Xcode 4.5.2 Apple Xcode 4.6 Apple Xcode 4.6.1 Apple Xcode 4.6.2 Apple Xcode 4.6.3 Apple Xcode 5.0 Apple Xcode 5.0.1 Apple Xcode 5.0.2 Apple Xcode 5.1 Apple Xcode 5.1.1 Apple Xcode 6.0 Apple Xcode 6.0.1 Apple Xcode 6.1 Apple Xcode 6.1.1 Apple Xcode 6.2 Apple Xcode 6.3 Apple Xcode 6.3.1 Apple Xcode 6.3.2 Apple Xcode 6.4 Apple Xcode 7.0	54

Common Weakness Enumeration (CWE)

CWE-17 - Code

Nessus

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_XCODE_7_1.NASL
description	The version of Apple Xcode installed on the remote Mac OS X host is prior to 7.1. It is, therefore, affected by a vulnerability in Swift-based programs due to unexpected values being returned for certain type conversions. An unauthenticated, remote attacker can exploit this, by manipulating return values, to circumvent controls in program logic.
last seen	2020-05-06
modified	2015-10-23
plugin id	86570
published	2015-10-23
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/86570
title	Apple Xcode < 7.1 (Mac OS X)
code	# # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(86570); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/05"); script_cve_id("CVE-2015-7030"); script_xref(name:"APPLE-SA", value:"APPLE-SA-2015-10-21-7"); script_name(english:"Apple Xcode < 7.1 (Mac OS X)"); script_set_attribute(attribute:"synopsis", value: "The remote Mac OS X host has an application installed that is affected by a vulnerability due to unexpected type conversions."); script_set_attribute(attribute:"description", value: "The version of Apple Xcode installed on the remote Mac OS X host is prior to 7.1. It is, therefore, affected by a vulnerability in Swift-based programs due to unexpected values being returned for certain type conversions. An unauthenticated, remote attacker can exploit this, by manipulating return values, to circumvent controls in program logic."); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205379"); # https://lists.apple.com/archives/security-announce/2015/Oct/msg00008.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5dcab90b"); script_set_attribute(attribute:"solution", value: "Upgrade to Apple Xcode version 7.1, which is available for OS X version 10.10.5 (Yosemite) or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-7030"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/10/21"); script_set_attribute(attribute:"patch_publication_date", value:"2015/10/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/10/23"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:xcode"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("macosx_xcode_installed.nasl"); script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "installed_sw/Apple Xcode"); exit(0); } include('vcf.inc'); get_kb_item_or_exit('Host/local_checks_enabled'); os = get_kb_item('Host/MacOSX/Version'); if (empty_or_null(os)) audit(AUDIT_OS_NOT, 'macOS or Mac OS X'); app_info = vcf::get_app_info(app:'Apple Xcode'); vcf::check_granularity(app_info:app_info, sig_segments:2); constraints = [ { 'fixed_version' : '7.1' } ]; vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References