Lucene search

AppleCVE-2014-4369

HistorySep 18, 2014 - 10:55 a.m.

CVE-2014-4369

2014-09-1810:55:09

apple

web.nvd.nist.gov

apple

ios

apple tv

denial of service

vulnerability

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

5.8

Confidence

Low

EPSS

0.007

Percentile

80.9%

JSON

The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments.

Affected configurations

Nvd

Node

appletvosRange≤6.2

appletvosMatch6.0

appletvosMatch6.0.1

appletvosMatch6.0.2

appletvosMatch6.1

appletvosMatch6.1.1

appletvosMatch6.1.2

Node

appleiphone_osRange≤7.1.2

appleiphone_osMatch7.0

appleiphone_osMatch7.0.1

appleiphone_osMatch7.0.2

appleiphone_osMatch7.0.3

appleiphone_osMatch7.0.4

appleiphone_osMatch7.0.5

appleiphone_osMatch7.0.6

appleiphone_osMatch7.1

appleiphone_osMatch7.1.1

VendorProductVersionCPE
appletvos*cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
appletvos6.0cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*
appletvos6.0.1cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*
appletvos6.0.2cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*
appletvos6.1cpe:2.3:o:apple:tvos:6.1:*:*:*:*:*:*:*
appletvos6.1.1cpe:2.3:o:apple:tvos:6.1.1:*:*:*:*:*:*:*
appletvos6.1.2cpe:2.3:o:apple:tvos:6.1.2:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
appleiphone_os7.0cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*
appleiphone_os7.0.1cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	tvos	*	cpe:2.3:o:apple:tvos::::::::
apple	tvos	6.0	cpe:2.3:o:apple:tvos:6.0:::::::*
apple	tvos	6.0.1	cpe:2.3:o:apple:tvos:6.0.1:::::::*
apple	tvos	6.0.2	cpe:2.3:o:apple:tvos:6.0.2:::::::*
apple	tvos	6.1	cpe:2.3:o:apple:tvos:6.1:::::::*
apple	tvos	6.1.1	cpe:2.3:o:apple:tvos:6.1.1:::::::*
apple	tvos	6.1.2	cpe:2.3:o:apple:tvos:6.1.2:::::::*
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::
apple	iphone_os	7.0	cpe:2.3:o:apple:iphone_os:7.0:::::::*
apple	iphone_os	7.0.1	cpe:2.3:o:apple:iphone_os:7.0.1:::::::*

Rows per page:

1-10 of 171

References

archives.neohapsis.com/archives/bugtraq/2014-09/0106.html

archives.neohapsis.com/archives/bugtraq/2014-09/0107.html

support.apple.com/kb/HT6441

support.apple.com/kb/HT6442

www.securityfocus.com/bid/69882

www.securityfocus.com/bid/69929

www.securitytracker.com/id/1030866

exchange.xforce.ibmcloud.com/vulnerabilities/96106

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

5.8

Confidence

Low

EPSS

0.007

Percentile

80.9%

JSON

Related for CVE-2014-4369