Tvos@4.4.2 Security Vulnerabilities and Issues — Tvos@4.4.2 CVE List

Lucene search

AppleTvos4.4.2

4 matches found

CVE•added 2013/01/29 5:58 a.m.•59 views

CVE-2013-0964

The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.

3.6CVSS5.4AI score0.00063EPSS

CVE•added 2013/03/20 2:55 p.m.•56 views

CVE-2013-0977

dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments.

4.6CVSS5.5AI score0.00059EPSS

CVE•added 2013/03/20 2:55 p.m.•55 views

CVE-2013-0981

The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code.

7.2CVSS5.7AI score0.00045EPSS

CVE•added 2013/03/20 2:55 p.m.•54 views

CVE-2013-0978

The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code.

2.1CVSS5.5AI score0.00061EPSS