CVE-2015-3774 in Mac OS Xinfo

Summary

The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

05/07/2015

Disclosure

08/16/2015

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-20 (Confirmed)

Exploit

Download

CVSS

5.6

EPSS

0.00088

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3774
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3774
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3774/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!