Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-4480

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-4480
Last Modified 18 Feb 2015 09:59:10
Published 30 Jan 2015 06:59:12
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-4480

Summary

Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink.

Vulnerable Systems

Operating System

  • Apple Iphone Os 8.1.2

Application

  • Apple Tv 7.0.2


References

CONFIRM - http://support.apple.com/HT204246

CONFIRM - http://support.apple.com/HT204245

APPLE - APPLE-SA-2015-01-27-2

APPLE - APPLE-SA-2015-01-27-1

SECTRACK - 1031652


Last Updated: 27 May 2016 11:07:39