cvelistv5 - cve-2014-1266

CVE-2014-1266 (GCVE-0-2014-1266)

Vulnerability from cvelistv5

Published

2014-02-22 15:00

Modified

2024-08-06 09:34

Severity ?

CWE

Summary

References

URL

Tags

product-security@apple.com	http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187	Issue Tracking
product-security@apple.com	http://support.apple.com/kb/HT6146	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT6147	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT6148	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT6150	Vendor Advisory
product-security@apple.com	https://news.ycombinator.com/item?id=7281378	Exploit, Issue Tracking
product-security@apple.com	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html	Exploit
product-security@apple.com	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html	Exploit
product-security@apple.com	https://www.imperialviolet.org/2014/02/22/applebug.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6146	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6147	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6148	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6150	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=7281378	Exploit, Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.imperialviolet.org/2014/02/22/applebug.html	Exploit

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:34:41.152Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6147"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6148"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6150"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6146"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=7281378"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-02-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-02-27T00:57:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6147"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6148"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6150"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6146"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://news.ycombinator.com/item?id=7281378"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2014-1266",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT6147",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6147"
            },
            {
              "name": "http://support.apple.com/kb/HT6148",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6148"
            },
            {
              "name": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html",
              "refsource": "MISC",
              "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6150",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6150"
            },
            {
              "name": "http://support.apple.com/kb/HT6146",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6146"
            },
            {
              "name": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187",
              "refsource": "MISC",
              "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
            },
            {
              "name": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html",
              "refsource": "MISC",
              "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
            },
            {
              "name": "https://www.imperialviolet.org/2014/02/22/applebug.html",
              "refsource": "MISC",
              "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
            },
            {
              "name": "https://news.ycombinator.com/item?id=7281378",
              "refsource": "MISC",
              "url": "https://news.ycombinator.com/item?id=7281378"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2014-1266",
    "datePublished": "2014-02-22T15:00:00",
    "dateReserved": "2014-01-08T00:00:00",
    "dateUpdated": "2024-08-06T09:34:41.152Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-1266\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2014-02-22T17:05:21.767\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n SSLVerifySignedServerKeyExchange en libsecurity_ssl/lib/sslKeyExchange.c la funcionalidad Secure Transport en el componente Data Security en Apple iOS 6.x anterior a 6.1.6 y 7.x anterior a 7.0.6, Apple TV 6.x anterior a 6.0.2 y Apple OS X 10.9.x anterior a 10.9.2 no comprueba la firma en un mensaje TLS Server Key Exchange, lo que permite a atacantes man-in-the-middle falsificar servidores SSL mediante (1) el uso de una clave privada arbitraria para el paso de la firma o (2) la omisi\u00f3n del paso de la firma.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndExcluding\":\"6.1.6\",\"matchCriteriaId\":\"A7D52A72-B69F-4374-AB94-5FDF905845CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.0.6\",\"matchCriteriaId\":\"70EADE0F-0D8F-4C12-952D-89FD079A50F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.9\",\"versionEndExcluding\":\"10.9.2\",\"matchCriteriaId\":\"C3EDC17F-CBB3-4FFE-9C4C-A92583BE53CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndExcluding\":\"6.0.2\",\"matchCriteriaId\":\"0812CC13-F57E-432D-8FF3-21F3B642E883\"}]}]}],\"references\":[{\"url\":\"http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187\",\"source\":\"product-security@apple.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://support.apple.com/kb/HT6146\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6147\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6148\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6150\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=7281378\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.imperialviolet.org/2014/02/22/applebug.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://support.apple.com/kb/HT6146\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=7281378\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.imperialviolet.org/2014/02/22/applebug.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
  }
}

ghsa-4j69-27g2-fgcw

Vulnerability from github

Published

2022-05-14 01:27

Modified

2024-02-09 03:32

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-1266"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-02-22T17:05:00Z",
    "severity": "MODERATE"
  },
  "details": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.",
  "id": "GHSA-4j69-27g2-fgcw",
  "modified": "2024-02-09T03:32:56Z",
  "published": "2022-05-14T01:27:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1266"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=7281378"
    },
    {
      "type": "WEB",
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
    },
    {
      "type": "WEB",
      "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
    },
    {
      "type": "WEB",
      "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT6146"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT6147"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT6148"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT6150"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2014-AVI-081

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans les produits Apple. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple iOS versions antérieures à 7.0.6
Apple	N/A	Apple iOS versions antérieures à 6.1.6
Apple	N/A	Apple TV versions antérieures à 6.0.2

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6148 du 24 février 2014	None	vendor-advisory
Bulletin de sécurité Apple HT6147 du 24 février 2014	None	vendor-advisory
Bulletin de sécurité Apple HT6146 du 24 février 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple iOS versions ant\u00e9rieures \u00e0 7.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple iOS versions ant\u00e9rieures \u00e0 6.1.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple TV versions ant\u00e9rieures \u00e0 6.0.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-1266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1266"
    }
  ],
  "initial_release_date": "2014-02-24T00:00:00",
  "last_revision_date": "2014-02-24T00:00:00",
  "links": [],
  "reference": "CERTFR-2014-AVI-081",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-02-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6148 du 24 f\u00e9vrier 2014",
      "url": "http://support.apple.com/kb/HT6148"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6147 du 24 f\u00e9vrier 2014",
      "url": "http://support.apple.com/kb/HT6147"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6146 du 24 f\u00e9vrier 2014",
      "url": "http://support.apple.com/kb/HT6146"
    }
  ]
}

De multiples vulnérabilités ont été corrigées dans Apple OS X Maverick. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple OS X Mountain Lion versions antérieures à 10.8.5
Apple	N/A	Apple OS X Lion Server versions antérieures à 10.7.5
Apple	N/A	Apple OS X Mavericks versions antérieures à 10.9.2
Apple	N/A	Apple OS X Lion versions antérieures à 10.7.5

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6150 du 25 février 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple OS X Mountain Lion versions ant\u00e9rieures \u00e0 10.8.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Lion Server versions ant\u00e9rieures \u00e0 10.7.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Mavericks versions ant\u00e9rieures \u00e0 10.9.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Lion versions ant\u00e9rieures \u00e0 10.7.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-1256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1256"
    },
    {
      "name": "CVE-2013-4073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4073"
    },
    {
      "name": "CVE-2014-1263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1263"
    },
    {
      "name": "CVE-2014-1252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1252"
    },
    {
      "name": "CVE-2014-1258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1258"
    },
    {
      "name": "CVE-2013-6420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6420"
    },
    {
      "name": "CVE-2014-1264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1264"
    },
    {
      "name": "CVE-2014-1261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1261"
    },
    {
      "name": "CVE-2013-5986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5986"
    },
    {
      "name": "CVE-2014-1266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1266"
    },
    {
      "name": "CVE-2014-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1255"
    },
    {
      "name": "CVE-2014-1246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1246"
    },
    {
      "name": "CVE-2014-1245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1245"
    },
    {
      "name": "CVE-2013-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4248"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-1254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1254"
    },
    {
      "name": "CVE-2013-5987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5987"
    },
    {
      "name": "CVE-2013-1862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1862"
    },
    {
      "name": "CVE-2013-5139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5139"
    },
    {
      "name": "CVE-2014-1259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1259"
    },
    {
      "name": "CVE-2014-1250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1250"
    },
    {
      "name": "CVE-2013-4113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4113"
    },
    {
      "name": "CVE-2014-1265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1265"
    },
    {
      "name": "CVE-2014-1247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1247"
    },
    {
      "name": "CVE-2014-1260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1260"
    },
    {
      "name": "CVE-2014-1262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1262"
    },
    {
      "name": "CVE-2014-1249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1249"
    },
    {
      "name": "CVE-2013-5179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5179"
    },
    {
      "name": "CVE-2013-1896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1896"
    },
    {
      "name": "CVE-2014-1248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1248"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    },
    {
      "name": "CVE-2014-1257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1257"
    },
    {
      "name": "CVE-2013-5178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5178"
    }
  ],
  "initial_release_date": "2014-02-28T00:00:00",
  "last_revision_date": "2014-02-28T00:00:00",
  "links": [],
  "reference": "CERTFR-2014-AVI-095",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple OS X Maverick\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nun contournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6150 du 25 f\u00e9vrier 2014",
      "url": "http://support.apple.com/kb/HT6150"
    }
  ]
}

var-201402-0405

Vulnerability from variot

The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step. Apple iOS and TV are prone to a security-bypass vulnerability because it fails to properly validate connections. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. Apple iOS, Apple TV and Apple OS X are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; Apple TV is a high-definition TV set-top box product; Apple OS X is a dedicated operating system developed for Mac computers. There is a security vulnerability in the 'SSLVerifySignedServerKeyExchange' function in the libsecurity_ssl/lib/sslKeyExchange.c file of the Secure Transport function of the Data Security component in Apple iOS. An attacker in a privileged network position could potentially capture or modify data in an SSL/TLS-protected session. The following versions are affected: Apple iOS 6.x prior to 6.1.6 and 7.x prior to 7.0.6, Apple TV 6.x prior to 6.0.2, Apple OS X 10.9.x prior to 10.9.2 Version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2014-02-21-2 iOS 7.0.6

iOS 7.0.6 is now available and addresses the following:

Data Security Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps. CVE-ID CVE-2014-1266

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

Navigate to Settings
Select General
Select About. The version after applying this update will be "7.0.6".

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTBpN9AAoJEPefwLHPlZEwFpYP/2Ac20hocp3/xWv08EFmpZpl T52aoGMpJxZFRh307mS76jNXDZ2KodcBboESKbYE8PxMK9DkAtqEbSQjMa9cUK3+ 3iUhqNnFm7YrG8+8JVoZ58Jxiq9zEmKGVEf+s4o1F1ORJPAQRDROiC5MBru1UOAb /sXZeX1Awr81RJeu4f8A9Qddu6AEICr2sYRlWQA8wa24Y2qswrOvqvFRSK4WnB8L 6sqe6JL0C59GhjRh11WsObMQN+vbBcVty7q4e0WfuLNt0LP8yZBC2XruAx0Q2v1k t5JA6keq7zwAzE+zO4qjYXGTVePyPe7vJx00ndjvTjAI7iXrcRgNxUuH5BAj7O7h agzSWNKvaUYynJd2oiv5onN7kh+3UbexiXIKOc5ZgOpVk7fgLCnN9UcPuxpGjF5u RODQM5LtAYEdmzs4Ws711Gu+k0OT3QTWXWu9/k6Yp2DKwCjDp9gzM/EhT5T7PqCL KM8gnGOiTJh0vUmdI94huF987heNBzoRId/wdip/e2iXKTGB3Z8AipmDi72v63FB seh7rZWOgxZ+9YSCyXFl4FfcZDBSEhERzw2C8OXP2iXBzspM3LsqlqBbbyTB/bRm lOSrP8nxkf0Fw8ehqs52wxfjenk2hvnkHddE4HU3DuvoK4M9hZ98sLppHxoxw7Lp aMn7lqBBT+6V5+uaVkA8 =klGW -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201402-0405",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "tvos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "mac os x",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.9"
      },
      {
        "model": "iphone os",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "iphone os",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.1.6"
      },
      {
        "model": "iphone os",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "tvos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "iphone os",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "mac os x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.9.2"
      },
      {
        "model": "apple tv",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": "6.1.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": "7.0.6"
      },
      {
        "model": "apple mac os x",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": null
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": "7.x (ipad 2  from )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": "7.x (ipod touch  no.  5  generation )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": "6.x (iphone 3gs)"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": "7.x (iphone 4  from )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": "6.x (ipod touch  no.  4  generation )"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.5"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.9.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.9"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.3"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "65738"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-1266",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2014-1266",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-69205",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "id": "CVE-2014-1266",
            "impactScore": 5.2,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.4,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2014-1266",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-1266",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-1266",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201402-306",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-69205",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2014-1266",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step. Apple iOS and TV are prone to a security-bypass vulnerability because it fails to properly validate connections. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. Apple iOS, Apple TV and Apple OS X are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; Apple TV is a high-definition TV set-top box product; Apple OS X is a dedicated operating system developed for Mac computers. There is a security vulnerability in the \u0027SSLVerifySignedServerKeyExchange\u0027 function in the libsecurity_ssl/lib/sslKeyExchange.c file of the Secure Transport function of the Data Security component in Apple iOS. An attacker in a privileged network position could potentially capture or modify data in an SSL/TLS-protected session. The following versions are affected: Apple iOS 6.x prior to 6.1.6 and 7.x prior to 7.0.6, Apple TV 6.x prior to 6.0.2, Apple OS X 10.9.x prior to 10.9.2 Version. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-02-21-2 iOS 7.0.6\n\niOS 7.0.6 is now available and addresses the following:\n\nData Security\nAvailable for: iPhone 4 and later, iPod touch (5th generation),\niPad 2 and later\nImpact: An attacker with a privileged network position may capture\nor modify data in sessions protected by SSL/TLS\nDescription: Secure Transport failed to validate the authenticity of\nthe connection. This issue was addressed by restoring missing\nvalidation steps. \nCVE-ID\nCVE-2014-1266\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"7.0.6\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJTBpN9AAoJEPefwLHPlZEwFpYP/2Ac20hocp3/xWv08EFmpZpl\nT52aoGMpJxZFRh307mS76jNXDZ2KodcBboESKbYE8PxMK9DkAtqEbSQjMa9cUK3+\n3iUhqNnFm7YrG8+8JVoZ58Jxiq9zEmKGVEf+s4o1F1ORJPAQRDROiC5MBru1UOAb\n/sXZeX1Awr81RJeu4f8A9Qddu6AEICr2sYRlWQA8wa24Y2qswrOvqvFRSK4WnB8L\n6sqe6JL0C59GhjRh11WsObMQN+vbBcVty7q4e0WfuLNt0LP8yZBC2XruAx0Q2v1k\nt5JA6keq7zwAzE+zO4qjYXGTVePyPe7vJx00ndjvTjAI7iXrcRgNxUuH5BAj7O7h\nagzSWNKvaUYynJd2oiv5onN7kh+3UbexiXIKOc5ZgOpVk7fgLCnN9UcPuxpGjF5u\nRODQM5LtAYEdmzs4Ws711Gu+k0OT3QTWXWu9/k6Yp2DKwCjDp9gzM/EhT5T7PqCL\nKM8gnGOiTJh0vUmdI94huF987heNBzoRId/wdip/e2iXKTGB3Z8AipmDi72v63FB\nseh7rZWOgxZ+9YSCyXFl4FfcZDBSEhERzw2C8OXP2iXBzspM3LsqlqBbbyTB/bRm\nlOSrP8nxkf0Fw8ehqs52wxfjenk2hvnkHddE4HU3DuvoK4M9hZ98sLppHxoxw7Lp\naMn7lqBBT+6V5+uaVkA8\n=klGW\n-----END PGP SIGNATURE-----\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-1266"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "BID",
        "id": "65738"
      },
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "db": "PACKETSTORM",
        "id": "125371"
      },
      {
        "db": "PACKETSTORM",
        "id": "125347"
      },
      {
        "db": "PACKETSTORM",
        "id": "125370"
      }
    ],
    "trust": 2.34
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-69205",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-1266",
        "trust": 4.0
      },
      {
        "db": "JVN",
        "id": "JVNVU95868425",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "65738",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "125347",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "125371",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "125370",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-69205",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-1266",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "db": "BID",
        "id": "65738"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "PACKETSTORM",
        "id": "125371"
      },
      {
        "db": "PACKETSTORM",
        "id": "125347"
      },
      {
        "db": "PACKETSTORM",
        "id": "125370"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "id": "VAR-201402-0405",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:52:46.382000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT6150",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2014/Feb/msg00000.html"
      },
      {
        "title": "OSXUpd10.9.2",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48233"
      },
      {
        "title": "apple-tv-video-converter",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48232"
      },
      {
        "title": "iPhone4,1_7.0.6_11B651_Restore",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48231"
      },
      {
        "title": "iPhone2,1_6.1.6_10B500_Restore",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48230"
      },
      {
        "title": "OS X/iOS SSL Flaw POC",
        "trust": 0.1,
        "url": "https://github.com/gabrielg/CVE-2014-1266-poc "
      },
      {
        "title": "SSL Patch (CVE-2014-1266)",
        "trust": 0.1,
        "url": "https://github.com/linusyang/SSLPatch "
      },
      {
        "title": "Reverse-Engineering-toolkit\nDirectory\nIDA\nGhidra\nx64dbg\nOllyDbg\nWinDBG\nAndroid\nApple\u0026\u0026iOS\u0026\u0026iXxx\nCuckoo\nDBI",
        "trust": 0.1,
        "url": "https://github.com/geeksniper/reverse-engineering-toolkit "
      },
      {
        "title": "TOP\nTable of Contents\nDonation",
        "trust": 0.1,
        "url": "https://github.com/JERRY123S/all-poc "
      },
      {
        "title": "Table of Contents",
        "trust": 0.1,
        "url": "https://github.com/CVEDB/top "
      },
      {
        "title": "Table of Contents",
        "trust": 0.1,
        "url": "https://github.com/CVEDB/awesome-cve-repo "
      },
      {
        "title": "TOP\nTable of Contents\nDonation",
        "trust": 0.1,
        "url": "https://github.com/hktalent/TOP "
      },
      {
        "title": "TOP\nTable of Contents\nDonation",
        "trust": 0.1,
        "url": "https://github.com/cyberanand1337x/bug-bounty-2022 "
      },
      {
        "title": "TOP\nTable of Contents\nDonation",
        "trust": 0.1,
        "url": "https://github.com/weeka10/-hktalent-TOP "
      },
      {
        "title": "The Register",
        "trust": 0.1,
        "url": "https://www.theregister.co.uk/2014/02/21/apple_patches_ios_ssl_vulnerability/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-295",
        "trust": 1.0
      },
      {
        "problemtype": "Illegal certificate verification (CWE-295) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://news.ycombinator.com/item?id=7281378"
      },
      {
        "trust": 2.5,
        "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht6146"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht6147"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht6148"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht6150"
      },
      {
        "trust": 1.8,
        "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
      },
      {
        "trust": 1.8,
        "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
      },
      {
        "trust": 1.8,
        "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu95868425/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1266"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ios/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/appletv/features.html"
      },
      {
        "trust": 0.3,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1266"
      },
      {
        "trust": 0.3,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.3,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.2,
        "url": "https://www.apple.com/itunes/"
      },
      {
        "trust": 0.1,
        "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026amp;cid=46310187"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/295.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/gabrielg/cve-2014-1266-poc"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "db": "BID",
        "id": "65738"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "PACKETSTORM",
        "id": "125371"
      },
      {
        "db": "PACKETSTORM",
        "id": "125347"
      },
      {
        "db": "PACKETSTORM",
        "id": "125370"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "db": "BID",
        "id": "65738"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "db": "PACKETSTORM",
        "id": "125371"
      },
      {
        "db": "PACKETSTORM",
        "id": "125347"
      },
      {
        "db": "PACKETSTORM",
        "id": "125370"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-02-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "date": "2014-02-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "date": "2014-02-21T00:00:00",
        "db": "BID",
        "id": "65738"
      },
      {
        "date": "2014-02-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "date": "2014-02-24T16:22:22",
        "db": "PACKETSTORM",
        "id": "125371"
      },
      {
        "date": "2014-02-22T03:01:11",
        "db": "PACKETSTORM",
        "id": "125347"
      },
      {
        "date": "2014-02-24T17:22:22",
        "db": "PACKETSTORM",
        "id": "125370"
      },
      {
        "date": "2014-02-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      },
      {
        "date": "2014-02-22T17:05:21.767000",
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-69205"
      },
      {
        "date": "2024-02-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2014-1266"
      },
      {
        "date": "2014-02-21T00:00:00",
        "db": "BID",
        "id": "65738"
      },
      {
        "date": "2024-03-01T02:16:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      },
      {
        "date": "2019-03-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      },
      {
        "date": "2024-11-21T02:03:57.450000",
        "db": "NVD",
        "id": "CVE-2014-1266"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Apple\u00a0 of the product \u00a0Data\u00a0Security\u00a0 of the component \u00a0Secure\u00a0Transport\u00a0 in function \u00a0SSL\u00a0 Server spoofing vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001444"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-306"
      }
    ],
    "trust": 0.6
  }
}

gsd-2014-1266

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2014-1266

Aliases

CVE-2014-1266

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-1266",
    "description": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.",
    "id": "GSD-2014-1266"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-1266"
      ],
      "details": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.",
      "id": "GSD-2014-1266",
      "modified": "2023-12-13T01:22:51.289377Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2014-1266",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.apple.com/kb/HT6147",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT6147"
          },
          {
            "name": "http://support.apple.com/kb/HT6148",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT6148"
          },
          {
            "name": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html",
            "refsource": "MISC",
            "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
          },
          {
            "name": "http://support.apple.com/kb/HT6150",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT6150"
          },
          {
            "name": "http://support.apple.com/kb/HT6146",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT6146"
          },
          {
            "name": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187",
            "refsource": "MISC",
            "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
          },
          {
            "name": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html",
            "refsource": "MISC",
            "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
          },
          {
            "name": "https://www.imperialviolet.org/2014/02/22/applebug.html",
            "refsource": "MISC",
            "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
          },
          {
            "name": "https://news.ycombinator.com/item?id=7281378",
            "refsource": "MISC",
            "url": "https://news.ycombinator.com/item?id=7281378"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A7D52A72-B69F-4374-AB94-5FDF905845CA",
                    "versionEndExcluding": "6.1.6",
                    "versionStartIncluding": "6.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "70EADE0F-0D8F-4C12-952D-89FD079A50F2",
                    "versionEndExcluding": "7.0.6",
                    "versionStartIncluding": "7.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C3EDC17F-CBB3-4FFE-9C4C-A92583BE53CD",
                    "versionEndExcluding": "10.9.2",
                    "versionStartIncluding": "10.9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0812CC13-F57E-432D-8FF3-21F3B642E883",
                    "versionEndExcluding": "6.0.2",
                    "versionStartIncluding": "6.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step."
          },
          {
            "lang": "es",
            "value": "La funci\u00f3n SSLVerifySignedServerKeyExchange en libsecurity_ssl/lib/sslKeyExchange.c la funcionalidad Secure Transport en el componente Data Security en Apple iOS 6.x anterior a 6.1.6 y 7.x anterior a 7.0.6, Apple TV 6.x anterior a 6.0.2 y Apple OS X 10.9.x anterior a 10.9.2 no comprueba la firma en un mensaje TLS Server Key Exchange, lo que permite a atacantes man-in-the-middle falsificar servidores SSL mediante (1) el uso de una clave privada arbitraria para el paso de la firma o (2) la omisi\u00f3n del paso de la firma."
          }
        ],
        "id": "CVE-2014-1266",
        "lastModified": "2024-02-09T03:19:52.270",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              "exploitabilityScore": 8.6,
              "impactScore": 4.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.2,
              "impactScore": 5.2,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2014-02-22T17:05:21.767",
        "references": [
          {
            "source": "product-security@apple.com",
            "tags": [
              "Issue Tracking"
            ],
            "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://support.apple.com/kb/HT6146"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://support.apple.com/kb/HT6147"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://support.apple.com/kb/HT6148"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://support.apple.com/kb/HT6150"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Exploit",
              "Issue Tracking"
            ],
            "url": "https://news.ycombinator.com/item?id=7281378"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Exploit"
            ],
            "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Exploit"
            ],
            "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
          },
          {
            "source": "product-security@apple.com",
            "tags": [
              "Exploit"
            ],
            "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
          }
        ],
        "sourceIdentifier": "product-security@apple.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-295"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

fkie_cve-2014-1266

Vulnerability from fkie_nvd

Published

2014-02-22 17:05

Modified

2025-04-11 00:51

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

References

URL	Tags
product-security@apple.com	http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187	Issue Tracking
product-security@apple.com	http://support.apple.com/kb/HT6146	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT6147	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT6148	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT6150	Vendor Advisory
product-security@apple.com	https://news.ycombinator.com/item?id=7281378	Exploit, Issue Tracking
product-security@apple.com	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html	Exploit
product-security@apple.com	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html	Exploit
product-security@apple.com	https://www.imperialviolet.org/2014/02/22/applebug.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6146	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6147	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6148	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6150	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=7281378	Exploit, Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.imperialviolet.org/2014/02/22/applebug.html	Exploit

Impacted products

Vendor	Product	Version
apple	iphone_os	*
apple	iphone_os	*
apple	mac_os_x	*
apple	tvos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D52A72-B69F-4374-AB94-5FDF905845CA",
              "versionEndExcluding": "6.1.6",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70EADE0F-0D8F-4C12-952D-89FD079A50F2",
              "versionEndExcluding": "7.0.6",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3EDC17F-CBB3-4FFE-9C4C-A92583BE53CD",
              "versionEndExcluding": "10.9.2",
              "versionStartIncluding": "10.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0812CC13-F57E-432D-8FF3-21F3B642E883",
              "versionEndExcluding": "6.0.2",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n SSLVerifySignedServerKeyExchange en libsecurity_ssl/lib/sslKeyExchange.c la funcionalidad Secure Transport en el componente Data Security en Apple iOS 6.x anterior a 6.1.6 y 7.x anterior a 7.0.6, Apple TV 6.x anterior a 6.0.2 y Apple OS X 10.9.x anterior a 10.9.2 no comprueba la firma en un mensaje TLS Server Key Exchange, lo que permite a atacantes man-in-the-middle falsificar servidores SSL mediante (1) el uso de una clave privada arbitraria para el paso de la firma o (2) la omisi\u00f3n del paso de la firma."
    }
  ],
  "id": "CVE-2014-1266",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2014-02-22T17:05:21.767",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6146"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6147"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6148"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6150"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=7281378"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "http://it.slashdot.org/comments.pl?sid=4821073\u0026cid=46310187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=7281378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.imperialviolet.org/2014/02/22/applebug.html"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2014-1266 (GCVE-0-2014-1266)

Vulnerability from cvelistv5

ghsa-4j69-27g2-fgcw

Vulnerability from github

CERTFR-2014-AVI-081

Vulnerability from certfr_avis

Solution

CERTFR-2014-AVI-095

Vulnerability from certfr_avis

Solution

var-201402-0405

Vulnerability from variot

gsd-2014-1266

Vulnerability from gsd

fkie_cve-2014-1266

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature