Vulnerabilities > CVE-2015-7081 - Unspecified vulnerability in Apple Iphone OS and mac OS X
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. <a href="https://cwe.mitre.org/data/definitions/611.html">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>
Vulnerable Configurations
Nessus
NASL family MacOS X Local Security Checks NASL id MACOSX_10_11_2.NASL description The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedia Playback - Disk Images - EFI - File Bookmark - Hypervisor - iBooks - ImageIO - Intel Graphics Driver - IOAcceleratorFamily - IOHIDFamily - IOKit SCSI - IOThunderboltFamily - Kernel - kext tools - Keychain Access - libarchive - libc - libexpat - libxml2 - OpenGL - OpenLDAP - OpenSSH - QuickLook - Sandbox - Security - System Integrity Protection Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 87314 published 2015-12-10 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87314 title Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(87314); script_version("1.10"); script_cvs_date("Date: 2019/11/20"); script_cve_id( "CVE-2011-2895", "CVE-2012-0876", "CVE-2012-1147", "CVE-2012-1148", "CVE-2015-3807", "CVE-2015-5333", "CVE-2015-5334", "CVE-2015-6908", "CVE-2015-7001", "CVE-2015-7038", "CVE-2015-7039", "CVE-2015-7040", "CVE-2015-7041", "CVE-2015-7042", "CVE-2015-7043", "CVE-2015-7044", "CVE-2015-7045", "CVE-2015-7046", "CVE-2015-7047", "CVE-2015-7052", "CVE-2015-7053", "CVE-2015-7054", "CVE-2015-7058", "CVE-2015-7059", "CVE-2015-7060", "CVE-2015-7061", "CVE-2015-7062", "CVE-2015-7063", "CVE-2015-7064", "CVE-2015-7065", "CVE-2015-7066", "CVE-2015-7067", "CVE-2015-7068", "CVE-2015-7071", "CVE-2015-7073", "CVE-2015-7074", "CVE-2015-7075", "CVE-2015-7076", "CVE-2015-7077", "CVE-2015-7078", "CVE-2015-7081", "CVE-2015-7083", "CVE-2015-7084", "CVE-2015-7094", "CVE-2015-7105", "CVE-2015-7106", "CVE-2015-7107", "CVE-2015-7108", "CVE-2015-7109", "CVE-2015-7110", "CVE-2015-7111", "CVE-2015-7112", "CVE-2015-7115", "CVE-2015-7116", "CVE-2015-7803", "CVE-2015-7804" ); script_bugtraq_id( 49124, 52379, 76343, 76714, 76959, 77112, 78719, 78721, 78725, 78730, 78733, 78735 ); script_xref(name:"APPLE-SA", value:"APPLE-SA-2015-12-08-3"); script_xref(name:"EDB-ID", value:"38917"); script_name(english:"Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities"); script_summary(english:"Checks the version of Mac OS X."); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a Mac OS X update that fixes multiple security vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedia Playback - Disk Images - EFI - File Bookmark - Hypervisor - iBooks - ImageIO - Intel Graphics Driver - IOAcceleratorFamily - IOHIDFamily - IOKit SCSI - IOThunderboltFamily - Kernel - kext tools - Keychain Access - libarchive - libc - libexpat - libxml2 - OpenGL - OpenLDAP - OpenSSH - QuickLook - Sandbox - Security - System Integrity Protection Note that successful exploitation of the most serious issues can result in arbitrary code execution."); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205579"); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205637"); script_set_attribute(attribute:"solution", value: "Upgrade to Mac OS X version 10.11.2 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-7071"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/11"); script_set_attribute(attribute:"patch_publication_date", value:"2015/12/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/10"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl"); script_require_ports("Host/MacOSX/Version", "Host/OS"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); os = get_kb_item("Host/MacOSX/Version"); if (!os) { os = get_kb_item_or_exit("Host/OS"); if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "Mac OS X"); c = get_kb_item("Host/OS/Confidence"); if (c <= 70) exit(1, "Cannot determine the host's OS with sufficient confidence."); } if (!os) audit(AUDIT_OS_NOT, "Mac OS X"); match = eregmatch(pattern:"Mac OS X ([0-9]+(\.[0-9]+)+)", string:os); if (isnull(match)) exit(1, "Failed to parse the Mac OS X version ('" + os + "')."); version = match[1]; if ( version !~ "^10\.11([^0-9]|$)" ) audit(AUDIT_OS_NOT, "Mac OS X 10.11 or later", "Mac OS X "+version); fixed_version = "10.11.2"; if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1) { if (report_verbosity > 0) { report = '\n Installed version : ' + version + '\n Fixed version : ' + fixed_version + '\n'; security_hole(port:0, extra:report); } else security_hole(0); exit(0); } else exit(0, "The host is not affected since it is running Mac OS X "+version+".");
NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2015-008.NASL description The remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2015-005 or 2015-008. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedia Playback - Disk Images - EFI - File Bookmark - Hypervisor - iBooks - ImageIO - Intel Graphics Driver - IOAcceleratorFamily - IOHIDFamily - IOKit SCSI - IOThunderboltFamily - Kernel - kext tools - Keychain Access - libarchive - libc - libexpat - libxml2 - OpenGL - OpenLDAP - OpenSSH - QuickLook - Sandbox - Security - System Integrity Protection Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 87321 published 2015-12-11 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87321 title Mac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)