Computer Security
[EN] securityvulns.ru no-pyccku


Apple Keynote, Pages, Numbers, iWork multiple security vulnerabilities
Published:25.10.2015
Source:
SecurityVulns ID:14739
Type:client
Threat Level:
5/10
Description:Restrictions bypass, memory corruptions.
Affected:APPLE : Apple Pages 5.5
 APPLE : Apple Keynote 6.5
 APPLE : iWork 2.5
 APPLE : Apple Numbers 3.5
CVE:CVE-2015-7034 (The Apple iWork application before 2.6 for iOS and Apple Pages before 5.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Pages document.)
 CVE-2015-7033 (The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted document.)
 CVE-2015-7032 (The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to obtain sensitive information via a crafted document.)
 CVE-2015-3784 (Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.)
Original documentdocumentAPPLE, APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 (25.10.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod