CVE-2015-1103

Loading...

General

Score:7.5/10.0
Severity:High
Category:Input Validation Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2015-1067, CVE-2015-1092, CVE-2015-1093, CVE-2015-1094, CVE-2015-1096, CVE-2015-1099, CVE-2015-1100, CVE-2015-1101, CVE-2015-1102, CVE-2015-1104, CVE-2015-1105, CVE-2015-1117

Published on 10/04/15 - Updated on 08/12/16

Description

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2015-1103
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2015-AVI-147
Renater 2015/VULN091

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
appleapple_tv
appleiphone_os
applemac_os_x

Share this vulnerability with:

Twitter Facebook LinkedIn Mail