CVE-2015-1092

Medium

5/10

Summary

NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Apr 10, 2015

CVE-2015-1092

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS