CVE-2014-4461
18.11.2014, 11:59
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.Enginsight
| Vendor | Product | Version |
|---|---|---|
| apple | iphone_os | 𝑥 ≤ 8.1 |
| apple | iphone_os | 8.0 |
| apple | iphone_os | 8.0.1 |
| apple | iphone_os | 8.0.2 |
| apple | mac_os_x | 𝑥 ≤ 10.10.1 |
| apple | mac_os_x | 10.8.5 |
| apple | mac_os_x | 10.9.5 |
| apple | mac_os_x | 10.10.0 |
| apple | tvos | 𝑥 ≤ 7.0.1 |
| apple | tvos | 6.0 |
| apple | tvos | 6.0.1 |
| apple | tvos | 6.0.2 |
| apple | tvos | 6.1 |
| apple | tvos | 6.1.1 |
| apple | tvos | 6.1.2 |
| apple | tvos | 6.2 |
| apple | tvos | 6.2.1 |
| apple | tvos | 7.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References