NVD

Id
23478  
Name
CVE-2015-1092  
Description
NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2015-04-10  
Modified Date
2017-01-02  
Seq
2015-1092  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
124358 23478 CVE-2015-1092 APPLE-SA-2015-04-08-3  View
124359 23478 CVE-2015-1092 APPLE-SA-2015-04-08-4  View
124360 23478 CVE-2015-1092 73983  View
124361 23478 CVE-2015-1092 1032050  View
124362 23478 CVE-2015-1092 https://support.apple.com/HT204661  View
124363 23478 CVE-2015-1092 https://support.apple.com/HT204662  View
124364 23478 CVE-2015-1092 https://support.apple.com/kb/HT204870  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6820 JVNDB-2015-002140 Apple iOS および Apple TV の Foundation 内の NSXMLParser における任意のファイルを読まれる脆弱性 Apple iOS および Apple TV の Foundation 内の NSXMLParser は、任意のファイルを読まれる脆弱性が存在します。 CVE-2015-1092 78317 CVE-2015-1092 23478 5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002140.html 2015-04-08 2015-05-25 View