CVE-2014-8611CVE-2014-8611

Affected configuration(s):

cpe:/o:apple:iphone_os:8.4.1
cpe:/o:apple:mac_os_x:10.10.5
cpe:/o:freebsd:freebsd:10.1

Date published: 2015-09-18T06:59:00.083-04:00

Date last modified: 2016-04-06T08:40:30.873-04:00

CVSS Score: 6.9

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html

Summary: The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.