Lucene search
HistoryJul 01, 2014 - 10:17 a.m.
CVE-2014-1355
cve-2014-1355
iokit
kernel
apple ios
apple tv
ioreporting
apple os x
denial of service
null pointer dereference
nvd
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The IOKit implementation in the kernel in Apple iOS before 7.1.2 and Apple TV before 6.1.2, and in IOReporting in Apple OS X before 10.9.4, allows local users to cause a denial of service (NULL pointer dereference and reboot) via crafted API arguments.
Affected configurations
Node
appletvosRange≤6.1.1
ORappletvosMatch6.0
ORappletvosMatch6.0.1
ORappletvosMatch6.0.2
ORappletvosMatch6.1
Node
applemac_os_xMatch10.9
ORapplemac_os_xMatch10.9.1
ORapplemac_os_xMatch10.9.2
ORapplemac_os_xMatch10.9.3
Node
appleiphone_osRange≤7.1.1
ORappleiphone_osMatch7.0
ORappleiphone_osMatch7.0.1
ORappleiphone_osMatch7.0.2
ORappleiphone_osMatch7.0.3
ORappleiphone_osMatch7.0.4
ORappleiphone_osMatch7.0.5
ORappleiphone_osMatch7.0.6
ORappleiphone_osMatch7.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:tvos | apple tvos | le | 6.1.1 |
| apple:tvos | apple tvos | eq | 6.0 |
| apple:tvos | apple tvos | eq | 6.0.1 |
| apple:tvos | apple tvos | eq | 6.0.2 |
| apple:tvos | apple tvos | eq | 6.1 |
Related
prion
prion
Null pointer dereference
2014-07-01 10:17:00
cvelist
cvelist
CVE-2014-1355
2014-07-01 10:00:00
nvd
nvd
CVE-2014-1355
2014-07-01 10:17:26
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities -01 (Sep 2014)
2014-09-19 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2014-08-04 00:00:00
APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003
2014-08-04 00:00:00
APPLE-SA-2014-06-30-4 Apple TV 6.1.2
2014-08-04 00:00:00
nessus
nessus
Mac OS X 10.9.x < 10.9.4 Multiple Vulnerabilities
2014-07-01 00:00:00
Apple TV < 6.1.2 Multiple Vulnerabilities
2014-07-06 00:00:00
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-1355