Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2015-07-03 CVE-2015-3708 Multiple Security vulnerability in Apple Mac OS X Prior to 10.10.4
kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack.
network
apple
8.8
2015-07-03 CVE-2015-3707 Multiple Security vulnerability in Apple Mac OS X Prior to 10.10.4
The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
network
apple
critical
9.3
2015-07-03 CVE-2015-3706 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.
network
apple CWE-119
critical
9.3
2015-07-03 CVE-2015-3705 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706.
network
apple CWE-119
critical
9.3
2015-07-03 CVE-2015-3704 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
network
apple CWE-264
critical
9.3
2015-07-03 CVE-2015-3703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3702 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3701.
local
low complexity
apple CWE-119
7.2
2015-07-03 CVE-2015-3701 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3702.
local
low complexity
apple CWE-119
7.2
2015-07-03 CVE-2015-3700 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702.
local
low complexity
apple CWE-119
7.2
2015-07-03 CVE-2015-3699 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.
local
low complexity
apple CWE-119
7.2