Vulnerabilities > CVE-2015-7082 - Unspecified vulnerability in GIT Project GIT 2.5.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_XCODE_7_2.NASL |
description | The version of Apple Xcode installed on the remote Mac OS X host is prior to 7.2. It is, therefore, affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist due to a flaw in the otools component that is triggered when handling Mach-O files. A remote attacker can exploit these vulnerabilities to execute arbitrary code. (CVE-2015-7049, CVE-2015-7057) - A flaw exists in the IDE SCM due to the .gitignore directive not being honored. An unauthenticated, remote attacker can exploit this to disclose sensitive information. (CVE-2015-7056) - A remote code execution vulnerability exists due to a flaw in git-remote-ext that is triggered when handling a specially crafted URL. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2015-7082) |
last seen | 2020-05-06 |
modified | 2016-01-05 |
plugin id | 87737 |
published | 2016-01-05 |
reporter | This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/87737 |
title | Apple Xcode < 7.2 Multiple Vulnerabilities (Mac OS X) |
code |
|