CVE-2015-7007

Published: Oct 23, 2015Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Script Editor in Apple OS X before 10.11.1 allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution via unspecified vectors.

Affected (1)

Products: Apple: Mac Os X

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Up to 10.11.0

References (10)

http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html

Source: product-security@apple.com

Vendor Advisory

http://packetstormsecurity.com/files/134072/Safari-User-Assisted-Applescript-Exec-Attack.html

Source: product-security@apple.com

http://www.rapid7.com/db/modules/exploit/osx/browser/safari_user_assisted_applescript_exec

Source: product-security@apple.com

https://support.apple.com/HT205375

Source: product-security@apple.com

Vendor Advisory

https://www.exploit-db.com/exploits/38535/

Source: product-security@apple.com

http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://packetstormsecurity.com/files/134072/Safari-User-Assisted-Applescript-Exec-Attack.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.rapid7.com/db/modules/exploit/osx/browser/safari_user_assisted_applescript_exec

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/HT205375

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.exploit-db.com/exploits/38535/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.