Uninitialized Memory Vulnerability in zlib Compression Component in Apple iOS, OS X, tvOS, and watchOS

Uninitialized Memory Vulnerability in zlib Compression Component in Apple iOS, OS X, tvOS, and watchOS

CVE-2015-7054 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site.

Learn more about our Cis Benchmark Audit For Apple Ios.