Published: 17/08/2015 Updated: 24/12/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Libinfo in Apple iOS prior to 8.4.1 and OS X prior to 10.10.5 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os
apple mac os x

Apple TV can p0wn you in more ways than it entertains you

The Register • Darren Pauli • 26 Feb 2016

Thirty-three fixes flung at Cupertino's telly-enhancer

Apple has patched 33 problems, collectively named in 58 CVEs, in its latest TV-enhancing computer-puck, of which 10 enable arbitrary code execution, six with system privileges. 32 of the flaws hit third-generation Apple TV devices and just one its newer, fatter, fourth-gen beast. The good news is that the changes will automagically appear for those users with automatic updates turned on. The rest are susceptible to nasties like a memory corruption flaw (CVE-2015-5776) that allows remote attacker...

CVE-2015-5776

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect