CERTFR-2015-AVI-139
Vulnerability from certfr_avis - Published: 2015-04-09 - Updated: 2015-04-09
De multiples vulnérabilités ont été corrigées dans Apple Macintosh OS X. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.g
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Apple Macintosh OS X
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eApple Macintosh OS X\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3479"
},
{
"name": "CVE-2015-1134",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1134"
},
{
"name": "CVE-2015-1098",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1098"
},
{
"name": "CVE-2014-0238",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0238"
},
{
"name": "CVE-2015-1132",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1132"
},
{
"name": "CVE-2014-0207",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0207"
},
{
"name": "CVE-2015-1545",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1545"
},
{
"name": "CVE-2014-0118",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0118"
},
{
"name": "CVE-2014-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3571"
},
{
"name": "CVE-2015-1117",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1117"
},
{
"name": "CVE-2015-1131",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1131"
},
{
"name": "CVE-2014-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3669"
},
{
"name": "CVE-2015-1136",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1136"
},
{
"name": "CVE-2015-1144",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1144"
},
{
"name": "CVE-2015-1104",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1104"
},
{
"name": "CVE-2015-1105",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1105"
},
{
"name": "CVE-2014-4380",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4380"
},
{
"name": "CVE-2014-5120",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-5120"
},
{
"name": "CVE-2015-1146",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1146"
},
{
"name": "CVE-2014-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3538"
},
{
"name": "CVE-2015-1093",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1093"
},
{
"name": "CVE-2015-1141",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1141"
},
{
"name": "CVE-2014-0237",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0237"
},
{
"name": "CVE-2014-0117",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0117"
},
{
"name": "CVE-2014-4405",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4405"
},
{
"name": "CVE-2015-1102",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1102"
},
{
"name": "CVE-2014-0098",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0098"
},
{
"name": "CVE-2015-1137",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1137"
},
{
"name": "CVE-2014-2497",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2497"
},
{
"name": "CVE-2015-1091",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1091"
},
{
"name": "CVE-2015-1100",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1100"
},
{
"name": "CVE-2015-1133",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1133"
},
{
"name": "CVE-2014-4404",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4404"
},
{
"name": "CVE-2014-3710",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3710"
},
{
"name": "CVE-2015-1088",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1088"
},
{
"name": "CVE-2013-5704",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5704"
},
{
"name": "CVE-2014-0231",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0231"
},
{
"name": "CVE-2014-4670",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4670"
},
{
"name": "CVE-2015-1099",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1099"
},
{
"name": "CVE-2015-1138",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1138"
},
{
"name": "CVE-2014-8830",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8830"
},
{
"name": "CVE-2015-1145",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1145"
},
{
"name": "CVE-2015-0204",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0204"
},
{
"name": "CVE-2014-3480",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3480"
},
{
"name": "CVE-2014-3478",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3478"
},
{
"name": "CVE-2015-1101",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1101"
},
{
"name": "CVE-2015-1140",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1140"
},
{
"name": "CVE-2015-1089",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1089"
},
{
"name": "CVE-2014-8275",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8275"
},
{
"name": "CVE-2015-1546",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1546"
},
{
"name": "CVE-2014-4698",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4698"
},
{
"name": "CVE-2014-3668",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3668"
},
{
"name": "CVE-2015-1143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1143"
},
{
"name": "CVE-2015-1130",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1130"
},
{
"name": "CVE-2013-6438",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6438"
},
{
"name": "CVE-2014-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3572"
},
{
"name": "CVE-2014-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3569"
},
{
"name": "CVE-2014-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3670"
},
{
"name": "CVE-2014-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3587"
},
{
"name": "CVE-2015-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1135"
},
{
"name": "CVE-2014-3487",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3487"
},
{
"name": "CVE-2014-4049",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4049"
},
{
"name": "CVE-2014-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3597"
},
{
"name": "CVE-2014-3523",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3523"
}
],
"initial_release_date": "2015-04-09T00:00:00",
"last_revision_date": "2015-04-09T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple APPLE-SA-2015-04-08-2 du 09 avril 2015",
"url": "https://support.apple.com/en-us/HT204659"
}
],
"reference": "CERTFR-2015-AVI-139",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple Macintosh OS X\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.g\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Macintosh OS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple APPLE-SA-2015-04-08-2 du 09 avril 2015",
"url": null
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…