XML External Entity (XXE) vulnerability in NSXMLParser in Apple iOS before 8.3 and Apple TV before 7.2 allows remote file read access

XML External Entity (XXE) vulnerability in NSXMLParser in Apple iOS before 8.3 and Apple TV before 7.2 allows remote file read access

CVE-2015-1092 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Learn more about our Cis Benchmark Audit For Apple Ios.