Vulnerabilities > Apple > MAC OS X > 10.9.5

DATE CVE VULNERABILITY TITLE RISK
2015-04-10 CVE-2015-1103 Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet.
network
low complexity
apple CWE-20
7.5
2015-04-10 CVE-2015-1102 Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.
network
apple CWE-20
7.1
2015-04-10 CVE-2015-1101 Unspecified vulnerability in Apple Iphone OS, mac OS X and Tvos
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
apple
6.9
2015-04-10 CVE-2015-1100 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.
local
apple CWE-119
5.4
2015-04-10 CVE-2015-1099 Race Condition vulnerability in Apple Iphone OS, mac OS X and Tvos
Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app.
local
high complexity
apple CWE-362
4.0
2015-04-10 CVE-2015-1098 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
network
apple CWE-119
6.8
2015-04-10 CVE-2015-1096 Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos
IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.
local
apple CWE-200
1.9
2015-04-10 CVE-2015-1095 Unspecified vulnerability in Apple Iphone OS, mac OS X and Tvos
IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device.
local
low complexity
apple
7.2
2015-04-10 CVE-2015-1093 Multiple Security vulnerability in Apple Iphone OS and mac OS X
FontParser in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
network
apple
6.8
2015-04-10 CVE-2015-1091 Information Exposure vulnerability in Apple Iphone OS and mac OS X
The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
network
apple CWE-200
4.3