CVE-2014-4492 in Apple iOSinfo

Zusammenfassung (Englisch)

libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type.

Reservieren

20.06.2014

Veröffentlichung

30.01.2015

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
68937	Apple iOS libnetcore	19	Proof-of-Concept	Offizieller Fix	CVE-2014-4492
68902	Apple Mac OS X libnetcore	19	Proof-of-Concept	Offizieller Fix	CVE-2014-4492

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Interested in the pricing of exploits?

See the underground prices here!