Lucene search

PRIOn knowledge basePRION:CVE-2014-4420

HistorySep 18, 2014 - 10:55 a.m.

Design/Logic Flaw

2014-09-1810:55:00

PRIOn knowledge base

www.prio-n.com

4.9 Medium

AI Score

Confidence

Low

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

51.9%

JSON

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421.

CPENameOperatorVersion
iphone_oseq7.0.4
iphone_oseq7.1.1
iphone_osle7.1.2
iphone_oseq7.0.5
iphone_oseq7.1
iphone_oseq7.0.6
iphone_oseq7.0.1
iphone_oseq7.0.2
iphone_oseq7.0
iphone_oseq7.0.3

Name	Operator	Version
iphone_os	eq	7.0.4
iphone_os	eq	7.1.1
iphone_os	le	7.1.2
iphone_os	eq	7.0.5
iphone_os	eq	7.1
iphone_os	eq	7.0.6
iphone_os	eq	7.0.1
iphone_os	eq	7.0.2
iphone_os	eq	7.0
iphone_os	eq	7.0.3

Rows per page:

1-10 of 181

References

archives.neohapsis.com/archives/bugtraq/2014-09/0106.html

archives.neohapsis.com/archives/bugtraq/2014-09/0107.html

archives.neohapsis.com/archives/bugtraq/2014-10/0101.html

lists.apple.com/archives/security-announce/2015/Jan/msg00003.html

support.apple.com/HT204244

support.apple.com/kb/HT6441

support.apple.com/kb/HT6442

www.securityfocus.com/bid/69882

www.securityfocus.com/bid/69927

www.securitytracker.com/id/1030866

exchange.xforce.ibmcloud.com/vulnerabilities/96102

support.apple.com/kb/HT6535

4.9 Medium

AI Score

Confidence

Low

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

51.9%

JSON

Related for PRION:CVE-2014-4420