Lucene search

[email protected]CVE-2014-4420

HistorySep 18, 2014 - 10:55 a.m.

CVE-2014-4420

2014-09-1810:55:10

[email protected]

web.nvd.nist.gov

cve-2014-4420

apple

ios

apple tv

memory

information security

vulnerability

nvd

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

3.6 Low

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.1%

JSON

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421.

Affected configurations

NVD

Node

appletvosRange≤6.2

appletvosMatch6.0

appletvosMatch6.0.1

appletvosMatch6.0.2

appletvosMatch6.1

appletvosMatch6.1.1

appletvosMatch6.1.2

Node

appleiphone_osRange≤7.1.2

appleiphone_osMatch7.0

appleiphone_osMatch7.0.1

appleiphone_osMatch7.0.2

appleiphone_osMatch7.0.3

appleiphone_osMatch7.0.4

appleiphone_osMatch7.0.5

appleiphone_osMatch7.0.6

appleiphone_osMatch7.1

appleiphone_osMatch7.1.1

Node

applemac_os_xRange≤10.10.1

CPENameOperatorVersion
apple:tvosapple tvosle6.2
apple:tvosapple tvoseq6.0
apple:tvosapple tvoseq6.0.1
apple:tvosapple tvoseq6.0.2
apple:tvosapple tvoseq6.1
apple:tvosapple tvoseq6.1.1
apple:tvosapple tvoseq6.1.2

CPE	Name	Operator	Version
apple:tvos	apple tvos	le	6.2
apple:tvos	apple tvos	eq	6.0
apple:tvos	apple tvos	eq	6.0.1
apple:tvos	apple tvos	eq	6.0.2
apple:tvos	apple tvos	eq	6.1
apple:tvos	apple tvos	eq	6.1.1
apple:tvos	apple tvos	eq	6.1.2