Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-4407
HistorySep 18, 2014 - 10:55 a.m.

CVE-2014-4407

2014-09-1810:55:09
CWE-200
[email protected]
web.nvd.nist.gov
27
iokit
apple
ios
apple tv
security
memory
information
vulnerability
cve-2014-4407

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

3.7 Low

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.3%

JSON

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.

Affected configurations

NVD
Node
appletvosRange6.2
OR
appletvosMatch6.0
OR
appletvosMatch6.0.1
OR
appletvosMatch6.0.2
OR
appletvosMatch6.1
OR
appletvosMatch6.1.1
OR
appletvosMatch6.1.2
Node
appleiphone_osRange7.1.2
OR
appleiphone_osMatch7.0
OR
appleiphone_osMatch7.0.1
OR
appleiphone_osMatch7.0.2
OR
appleiphone_osMatch7.0.3
OR
appleiphone_osMatch7.0.4
OR
appleiphone_osMatch7.0.5
OR
appleiphone_osMatch7.0.6
OR
appleiphone_osMatch7.1
OR
appleiphone_osMatch7.1.1
Node
applemac_os_xRange10.9.5

Related

nvd 1
prion 1
cvelist 1
securityvulns 6
nessus 2
openvas 1
nvd
nvd
CVE-2014-4407
2014-09-18 10:55:09
prion
prion
Information disclosure
2014-09-18 10:55:00
cvelist
cvelist
CVE-2014-4407
2014-09-18 10:00:00
securityvulns
securityvulns
Apple TV multiple security vulnerabilities
2014-09-21 00:00:00
APPLE-SA-2014-09-17-2 Apple TV 7
2014-09-21 00:00:00
APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
2014-10-18 00:00:00
nessus
nessus
Apple TV < 7 Multiple Vulnerabilities
2014-09-24 00:00:00
Mac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock)
2014-10-17 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT203112)
2022-09-02 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

3.7 Low

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.3%

JSON
Related for CVE-2014-4407
nvd1prion1cvelist1securityvulns6nessus2openvas1