CVE-2014-1320CVE-2014-1320

Affected configuration(s):

cpe:/a:apple:apple_tv:6.0
cpe:/a:apple:apple_tv:6.0.1
cpe:/a:apple:apple_tv:6.0.2
cpe:/a:apple:apple_tv:6.1
cpe:/o:apple:iphone_os:7.0
cpe:/o:apple:iphone_os:7.0.1
cpe:/o:apple:iphone_os:7.0.2
cpe:/o:apple:iphone_os:7.0.3
cpe:/o:apple:iphone_os:7.0.4
cpe:/o:apple:iphone_os:7.0.5
cpe:/o:apple:iphone_os:7.0.6
cpe:/o:apple:iphone_os:7.1
cpe:/o:apple:mac_os_x:10.9
cpe:/o:apple:mac_os_x:10.9.1
cpe:/o:apple:mac_os_x:10.9.2

Date published: 2014-04-23T07:52:59.447-04:00

Date last modified: 2014-04-24T09:56:26.283-04:00

CVSS Score: 4.9

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html

Summary: IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.