Lucene search
AppleCVE-2014-1275HistoryMar 14, 2014 - 10:55 a.m.
CVE-2014-1275
2014-03-1410:55:06
CWE-119
apple
web.nvd.nist.gov
35
cve-2014-1275
buffer overflow
imageio
apple ios
apple tv
remote attackers
arbitrary code execution
denial of service
crafted data
jpeg2000
pdf document
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
High
EPSS
0.011
Percentile
84.2%
Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.
Affected configurations
Node
appleiphone_osRange≤7.0.6
ORappleiphone_osMatch7.0
ORappleiphone_osMatch7.0.1
ORappleiphone_osMatch7.0.2
ORappleiphone_osMatch7.0.3
ORappleiphone_osMatch7.0.4
ORappleiphone_osMatch7.0.5
Node
appletvosRange≤6.0.2
ORappletvosMatch6.0
ORappletvosMatch6.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | iphone_os | * | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
| apple | iphone_os | 7.0 | cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:* |
| apple | iphone_os | 7.0.1 | cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:* |
| apple | iphone_os | 7.0.2 | cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:* |
| apple | iphone_os | 7.0.3 | cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:* |
| apple | iphone_os | 7.0.4 | cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:* |
| apple | iphone_os | 7.0.5 | cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:* |
| apple | tvos | * | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* |
| apple | tvos | 6.0 | cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:* |
| apple | tvos | 6.0.1 | cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2014-1275
2014-03-14 10:00:00
prion
prion
Buffer overflow
2014-03-14 10:55:00
nvd
nvd
CVE-2014-1275
2014-03-14 10:55:06
nessus
nessus
Apple TV < 6.1 Multiple Vulnerabilities
2014-03-12 00:00:00
securityvulns
securityvulns
APPLE-SA-2014-03-10-2 Apple TV 6.1
2014-03-13 00:00:00
Apple iOS multiple security vulnerabilities
2014-03-31 00:00:00
APPLE-SA-2014-03-10-1 iOS 7.1
2014-03-13 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
High
EPSS
0.011
Percentile
84.2%
Related for CVE-2014-1275