2.1

CVE-2014-4455

dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPhone OS Version <= 8.1.2
AppletvOS Version <= 7.0.1
AppletvOS Version6.0
AppletvOS Version6.0.1
AppletvOS Version6.0.2
AppletvOS Version6.1
AppletvOS Version6.1.1
AppletvOS Version6.1.2
AppletvOS Version6.2
AppletvOS Version6.2.1
AppletvOS Version7.0
AppletvOS Version7.0.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.306
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html
Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html
Vendor Advisory
http://support.apple.com/HT204245
Vendor Advisory
http://support.apple.com/HT204246
Vendor Advisory
http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html
Vendor Advisory
https://support.apple.com/en-us/HT204418
https://support.apple.com/en-us/HT6590
Vendor Advisory
http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html
Vendor Advisory
http://www.securitytracker.com/id/1031231
https://support.apple.com/en-us/HT204420
https://support.apple.com/en-us/HT6592
Vendor Advisory
http://www.securityfocus.com/bid/71140
https://exchange.xforce.ibmcloud.com/vulnerabilities/98773