Unrated severityNVD Advisory· Published Oct 9, 2015· Updated May 6, 2026

CVE-2015-5872

Description

IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5873, and CVE-2015-5890.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory corruption vulnerability in IOGraphics on Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service.

Vulnerability

The vulnerability resides in the IOGraphics subsystem of Apple OS X before version 10.11 (El Capitan). It is a memory corruption issue reachable via unspecified vectors by a local user. This CVE is one of a set of related vulnerabilities (CVE-2015-5871, CVE-2015-5873, CVE-2015-5890) patched in the same update.

Exploitation

An attacker must have local access to the system to exploit this vulnerability. No user interaction or specific privileges beyond local user access are described; the vendor notes "unspecified vectors" in the advisory [1].

Impact

Successful exploitation could allow a local attacker to gain elevated privileges or cause a denial of service via memory corruption. The exact scope of privilege escalation or service disruption is not detailed in the available references [1].

Mitigation

Apple addressed this vulnerability with the release of OS X El Capitan v10.11. Users should update to OS X 10.11 or later via the Mac App Store. No workarounds were provided for earlier versions [1].

References

About the security content of OS X El Capitan v10.11 - Apple Support

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./Mac Os X
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Range: <=10.10.5
Apple Inc./OS Xllm-fuzzy
Range: <10.11

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce/2015/Sep/msg00008.htmlnvdVendor Advisory
www.securitytracker.com/id/1033703nvdThird Party AdvisoryVDB Entry
support.apple.com/HT205267nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000