CVE-2014-4461 (GCVE-0-2014-4461)
Vulnerability from cvelistv5 – Published: 2014-11-18 11:00 – Updated: 2024-08-06 11:20
VLAI
EPSS
VEX
Summary
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://support.apple.com/en-us/HT6590 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/71136 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1031231 | vdb-entryx_refsource_SECTRACK |
| http://support.apple.com/HT204244 | x_refsource_CONFIRM |
| https://support.apple.com/en-us/HT204420 | x_refsource_CONFIRM |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| https://support.apple.com/en-us/HT204418 | x_refsource_CONFIRM |
| https://support.apple.com/en-us/HT6592 | x_refsource_CONFIRM |
Date Public
2014-11-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:20:25.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2014-11-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html"
},
{
"name": "APPLE-SA-2014-11-17-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html"
},
{
"name": "appletv-cve20144461-code-exec(98774)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT6590"
},
{
"name": "71136",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71136"
},
{
"name": "1031231",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031231"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/HT204244"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT204420"
},
{
"name": "APPLE-SA-2015-01-27-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT204418"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT6592"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "APPLE-SA-2014-11-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html"
},
{
"name": "APPLE-SA-2014-11-17-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html"
},
{
"name": "appletv-cve20144461-code-exec(98774)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/en-us/HT6590"
},
{
"name": "71136",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71136"
},
{
"name": "1031231",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031231"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/HT204244"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/en-us/HT204420"
},
{
"name": "APPLE-SA-2015-01-27-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/en-us/HT204418"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/en-us/HT6592"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-4461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2014-11-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html"
},
{
"name": "APPLE-SA-2014-11-17-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html"
},
{
"name": "appletv-cve20144461-code-exec(98774)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98774"
},
{
"name": "https://support.apple.com/en-us/HT6590",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT6590"
},
{
"name": "71136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71136"
},
{
"name": "1031231",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031231"
},
{
"name": "http://support.apple.com/HT204244",
"refsource": "CONFIRM",
"url": "http://support.apple.com/HT204244"
},
{
"name": "https://support.apple.com/en-us/HT204420",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT204420"
},
{
"name": "APPLE-SA-2015-01-27-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name": "https://support.apple.com/en-us/HT204418",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT204418"
},
{
"name": "https://support.apple.com/en-us/HT6592",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT6592"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2014-4461",
"datePublished": "2014-11-18T11:00:00.000Z",
"dateReserved": "2014-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:20:25.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2014-4461",
"date": "2026-07-11",
"epss": "0.03404",
"percentile": "0.87455"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.1\", \"matchCriteriaId\": \"1DFACE2F-616F-4F5E-A973-4C41440539FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7350A49-6D6B-4E03-933E-52453FE33E00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:8.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C067D7E6-41CD-4859-A214-80F4C8E88567\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:8.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"245A0B42-AA79-4B33-AAEE-E414B6B1EAC7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.10.1\", \"matchCriteriaId\": \"24C6A01A-6308-4C69-B4D5-5BC10277E2E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3D30B4B-DA63-40B0-B0C9-F3992CF25706\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06A4AE53-A477-4386-887C-4B7408575C23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8A2286E-9D1C-4B56-8B40-150201B818AF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.0.1\", \"matchCriteriaId\": \"1C32F3FB-EBDF-4A80-B7D9-42EDEF5DC6F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5365205F-B91D-4123-8CFD-EA42E0DEA944\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8C7F676-5ACC-4330-9591-465CA8AF77AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5314D7F-8352-41F5-A155-5E5392C58ABF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36567F18-DE70-4189-A52E-A0376C779B7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EA1745A-E240-462A-BDA9-200DB6AC112F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC814F33-E1D4-4910-BD1C-2C002D734415\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CBE682D-CC59-463E-B122-1BDEC8989AD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:6.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"874EF671-49AA-4F0A-B656-60E66DFBB70B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEE6A417-B836-4A74-AF3B-990B61D6EFC1\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.\"}, {\"lang\": \"es\", \"value\": \"El kernel en Apple iOS anterior a 8.1.1 y Apple TV anterior a 7.0.2, no valida correctamente los metadatos del objeto IOSharedDataQueue, lo que permite a atacantes ejecutar c\\u00f3digo remoto en un contexto privilegiado a trav\\u00e9s de una aplicaci\\u00f3n manipulada.\"}]",
"evaluatorComment": "Per an \u003ca href=\"http://support.apple.com/en-us/HT204244\"\u003eApple Security Advisory\u003c/a\u003e Apple OS X before versions 10.8.6, 10.9.6, 10.10.0 and 10.10.1 were also vulnerable.",
"id": "CVE-2014-4461",
"lastModified": "2024-11-21T02:10:14.570",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2014-11-18T11:59:08.747",
"references": "[{\"url\": \"http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/HT204244\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/71136\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://www.securitytracker.com/id/1031231\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/98774\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/en-us/HT204418\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/en-us/HT204420\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/en-us/HT6590\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/en-us/HT6592\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/HT204244\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/71136\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1031231\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/98774\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/en-us/HT204418\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/en-us/HT204420\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/en-us/HT6590\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/en-us/HT6592\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2014-4461\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2014-11-18T11:59:08.747\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.\"},{\"lang\":\"es\",\"value\":\"El kernel en Apple iOS anterior a 8.1.1 y Apple TV anterior a 7.0.2, no valida correctamente los metadatos del objeto IOSharedDataQueue, lo que permite a atacantes ejecutar c\u00f3digo remoto en un contexto privilegiado a trav\u00e9s de una aplicaci\u00f3n manipulada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.1\",\"matchCriteriaId\":\"1DFACE2F-616F-4F5E-A973-4C41440539FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7350A49-6D6B-4E03-933E-52453FE33E00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C067D7E6-41CD-4859-A214-80F4C8E88567\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"245A0B42-AA79-4B33-AAEE-E414B6B1EAC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.10.1\",\"matchCriteriaId\":\"24C6A01A-6308-4C69-B4D5-5BC10277E2E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D30B4B-DA63-40B0-B0C9-F3992CF25706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A4AE53-A477-4386-887C-4B7408575C23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8A2286E-9D1C-4B56-8B40-150201B818AF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.0.1\",\"matchCriteriaId\":\"1C32F3FB-EBDF-4A80-B7D9-42EDEF5DC6F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5365205F-B91D-4123-8CFD-EA42E0DEA944\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8C7F676-5ACC-4330-9591-465CA8AF77AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5314D7F-8352-41F5-A155-5E5392C58ABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36567F18-DE70-4189-A52E-A0376C779B7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EA1745A-E240-462A-BDA9-200DB6AC112F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC814F33-E1D4-4910-BD1C-2C002D734415\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CBE682D-CC59-463E-B122-1BDEC8989AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"874EF671-49AA-4F0A-B656-60E66DFBB70B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEE6A417-B836-4A74-AF3B-990B61D6EFC1\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/HT204244\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/71136\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id/1031231\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/98774\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT204418\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT204420\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT6590\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT6592\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/HT204244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/71136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1031231\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/98774\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT204418\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT204420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT6590\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT6592\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per an \u003ca href=\\\"http://support.apple.com/en-us/HT204244\\\"\u003eApple Security Advisory\u003c/a\u003e Apple OS X before versions 10.8.6, 10.9.6, 10.10.0 and 10.10.1 were also vulnerable.\"}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…