Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1320

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2014-1320
Last Modified 24 Apr 2014 09:56:26
Published 23 Apr 2014 07:52:59
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-1320

Summary

IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.

Vulnerable Systems

Operating System

  • Apple Iphone Os 7.0

  • Apple Iphone Os 7.0.1

  • Apple Iphone Os 7.0.2

  • Apple Iphone Os 7.0.3

  • Apple Iphone Os 7.0.4

  • Apple Iphone Os 7.0.5

  • Apple Iphone Os 7.0.6

  • Apple Iphone Os 7.1

  • Apple Mac Os X 10.9

  • Apple Mac Os X 10.9.1

  • Apple Mac Os X 10.9.2

Application

  • Apple Tv 6.0

  • Apple Tv 6.0.1

  • Apple Tv 6.0.2

  • Apple Tv 6.1


References

APPLE - APPLE-SA-2014-04-22-2

APPLE - APPLE-SA-2014-04-22-3

APPLE - APPLE-SA-2014-04-22-1

Related Patches

Apple 2014-05-15 Mac OS X 10.9.3 Update

Apple 2014-05-15 Mac OS X 10.9.3 Combo Update

Apple 2014-04-22 Security Update 2014-002 (Mavericks)


Last Updated: 27 May 2016 11:05:05