CVE-2015-1092

Name of the Vulnerable Software and Affected Versions Foundation in Apple iOS versions prior to 8.3 Foundation in Apple TV versions prior to 7.2

Description The issue allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. This occurs due to a problem with NSXMLParser in Foundation.

Recommendations For Foundation in Apple iOS versions prior to 8.3, update to version 8.3 or later. For Foundation in Apple TV versions prior to 7.2, update to version 7.2 or later.