Lucene search

[email protected]CVE-2014-4378

HistorySep 18, 2014 - 10:55 a.m.

CVE-2014-4378

2014-09-1810:55:09

CWE-119

[email protected]

web.nvd.nist.gov

coregraphics

apple

ios

apple tv

cve-2014-4378

security vulnerability

pdf

remote attack

sensitive information

denial of service

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

AI Score

5.8

Confidence

Low

EPSS

0.013

Percentile

85.9%

JSON

CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.

Affected configurations

NVD

Node

appletvosRange≤6.2

appletvosMatch6.0

appletvosMatch6.0.1

appletvosMatch6.0.2

appletvosMatch6.1

appletvosMatch6.1.1

appletvosMatch6.1.2

Node

appleiphone_osRange≤7.1.2

appleiphone_osMatch7.0

appleiphone_osMatch7.0.1

appleiphone_osMatch7.0.2

appleiphone_osMatch7.0.3

appleiphone_osMatch7.0.4

appleiphone_osMatch7.0.5

appleiphone_osMatch7.0.6

appleiphone_osMatch7.1

appleiphone_osMatch7.1.1

Node

applemac_os_xRange≤10.9.4

VendorProductVersionCPE
appletvos6.0.1cpe:/o:apple:tvos:6.0.1:::
appletvos6.1.1cpe:/o:apple:tvos:6.1.1:::
appletvos6.0cpe:/o:apple:tvos:6.0:::
appletvos6.1cpe:/o:apple:tvos:6.1:::
appletvos6.0.2cpe:/o:apple:tvos:6.0.2:::
appletvos6.1.2cpe:/o:apple:tvos:6.1.2:::
appletvoscpe:/o:apple:tvos::::

Vendor	Product	Version	CPE
apple	tvos	6.0.1	cpe:/o:apple:tvos:6.0.1:::
apple	tvos	6.1.1	cpe:/o:apple:tvos:6.1.1:::
apple	tvos	6.0	cpe:/o:apple:tvos:6.0:::
apple	tvos	6.1	cpe:/o:apple:tvos:6.1:::
apple	tvos	6.0.2	cpe:/o:apple:tvos:6.0.2:::
apple	tvos	6.1.2	cpe:/o:apple:tvos:6.1.2:::
apple	tvos		cpe:/o:apple:tvos::::