CVE-2015-1138 : Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of

Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors.

Published 2015-04-10 14:59:50

Updated 2015-09-17 17:47:16

Source Apple Inc.

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2015-1138

Apple » Mac Os X
Versions up to, including, (<=) 10.10.2
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.15%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 33 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.9	MEDIUM	AV:L/AC:L/Au:N/C:N/I:N/A:C	3.9	6.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

http://www.securitytracker.com/id/1032048

Apple OS X Multiple Bugs Let Remote and Local Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, and Deny Service - SecurityTracker

CVEs referencing this url
http://www.securityfocus.com/bid/73982

Apple Mac OS X Prior to 10.10.3 Multiple Security Vulnerabilities
Exploit

CVEs referencing this url
https://support.apple.com/HT204659

About the security content of OS X Yosemite v10.10.3 and Security Update 2015-004 - Apple Support
Vendor Advisory

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

Apple - Lists.apple.com
Vendor Advisory

CVEs referencing this url

Jump to