CVE-2014-4455CVE-2014-4455

Affected configuration(s):

cpe:/a:apple:apple_tv:6.0
cpe:/a:apple:apple_tv:6.0.1
cpe:/a:apple:apple_tv:6.0.2
cpe:/a:apple:apple_tv:6.1
cpe:/a:apple:apple_tv:6.1.1
cpe:/a:apple:apple_tv:6.1.2
cpe:/a:apple:apple_tv:6.2
cpe:/a:apple:apple_tv:6.2.1
cpe:/a:apple:apple_tv:7.0
cpe:/a:apple:apple_tv:7.0.1
cpe:/a:apple:apple_tv:7.0.2
cpe:/o:apple:iphone_os:8.1.2

Date published: 2014-11-18T06:59:03.747-05:00

Date last modified: 2017-08-28T21:35:03.640-04:00

CVSS Score: 2.1

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html

Summary: dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.