CVE-2014-4380CVE-2014-4380

Affected configuration(s):

cpe:/a:apple:apple_tv:6.0
cpe:/a:apple:apple_tv:6.0.1
cpe:/a:apple:apple_tv:6.0.2
cpe:/a:apple:apple_tv:6.1
cpe:/a:apple:apple_tv:6.1.1
cpe:/a:apple:apple_tv:6.1.2
cpe:/a:apple:apple_tv:6.2
cpe:/o:apple:iphone_os:7.0
cpe:/o:apple:iphone_os:7.0.1
cpe:/o:apple:iphone_os:7.0.2
cpe:/o:apple:iphone_os:7.0.3
cpe:/o:apple:iphone_os:7.0.4
cpe:/o:apple:iphone_os:7.0.5
cpe:/o:apple:iphone_os:7.0.6
cpe:/o:apple:iphone_os:7.1
cpe:/o:apple:iphone_os:7.1.1
cpe:/o:apple:iphone_os:7.1.2
cpe:/o:apple:mac_os_x:10.0.2

Date published: 2014-09-18T06:55:09.517-04:00

Date last modified: 2017-08-28T21:34:58.937-04:00

CVSS Score: 9.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html

Summary: The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel’s context via a crafted application.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.