1.9

CVE-2014-4371

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppletvOS Version <= 6.2
AppletvOS Version6.0
AppletvOS Version6.0.1
AppletvOS Version6.0.2
AppletvOS Version6.1
AppletvOS Version6.1.1
AppletvOS Version6.1.2
ApplemacOS X Version <= 10.9.5
AppleiPhone OS Version <= 7.1.2
AppleiPhone OS Version7.0
AppleiPhone OS Version7.0.1
AppleiPhone OS Version7.0.2
AppleiPhone OS Version7.0.3
AppleiPhone OS Version7.0.4
AppleiPhone OS Version7.0.5
AppleiPhone OS Version7.0.6
AppleiPhone OS Version7.1
AppleiPhone OS Version7.1.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.328
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:P/I:N/A:N
CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html
Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
Vendor Advisory
Mailing List
http://support.apple.com/HT204244
Vendor Advisory
http://support.apple.com/kb/HT6441
Vendor Advisory
http://support.apple.com/kb/HT6442
Vendor Advisory
https://support.apple.com/kb/HT6535
Vendor Advisory
http://www.securityfocus.com/bid/69882
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030866
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/69919
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/96100
VDB Entry