Lucene search
AppleCVELIST:CVE-2014-4491HistoryJan 30, 2015 - 11:00 a.m.
CVE-2014-4491
2015-01-3011:00:00
apple
www.cve.org
The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.
References
lists.apple.com/archives/security-announce/2015/Jan/msg00000.html
lists.apple.com/archives/security-announce/2015/Jan/msg00001.html
lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
support.apple.com/HT204244
support.apple.com/HT204245
support.apple.com/HT204246
www.securitytracker.com/id/1031650
Related
nvd
nvd
CVE-2014-4491
2015-01-30 11:59:20
cve
cve
CVE-2014-4491
2015-01-30 11:59:20
prion
prion
Design/Logic Flaw
2015-01-30 11:59:00
nessus
nessus
Apple TV < 7.0.3 Multiple Vulnerabilities
2015-03-04 00:00:00
Apple iOS < 8.1.3 Multiple Vulnerabilities
2015-03-04 00:00:00
Apple TV < 7.0.3 Multiple Vulnerabilities
2015-02-03 00:00:00
securityvulns
securityvulns
Apple TV multiple security vulnerabilities
2015-02-02 00:00:00
APPLE-SA-2015-01-27-1 Apple TV 7.0.3
2015-02-02 00:00:00
APPLE-SA-2015-01-27-2 iOS 8.1.3
2015-02-02 00:00:00