Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2015-3784
StatusCandidate
DescriptionOffice Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Severity
Medium
CVSS score5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:N/A:N)
PhaseAssigned (07.05.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3784
ReferencesAPPLE : APPLE-SA-2015-08-13-2
 APPLE : APPLE-SA-2015-08-13-3
 APPLE : APPLE-SA-2015-10-15-1
 CONFIRM : https://support.apple.com/HT205373
 CONFIRM : https://support.apple.com/kb/HT205030
 CONFIRM : https://support.apple.com/kb/HT205031
SecurityVulns:Apple Mac OS X / OS X Server multiple security vulnerabilities
 Apple iOS multiple security vulnerabilities
 Apple Keynote, Pages, Numbers, iWork multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod