cvelistv5 - cve-2014-4494

CVE-2014-4494 (GCVE-0-2014-4494)

Vulnerability from cvelistv5

Published

2015-01-30 11:00

Modified

2024-08-06 11:20

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

var-201501-0637

Vulnerability from variot

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app. Apple iOS is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect iTunes Store, MobileInstallation, Springboard, and WebKit components. Attackers can exploit these issues to gain unauthorized access, perform unauthorized actions, bypass security restrictions, and perform other attacks. These issues affect iOS versions prior to 8.1.3. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Springboard is a desktop for Apple iDevice. The vulnerability stems from the fact that the program does not properly verify digital signatures

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201501-0637",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iphone os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.1.2"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.1.3   (ipad 2 or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.1.3   (iphone 4s or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.1.3   (ipod touch first  5 after generation )"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.1.2"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "72333"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lokihardt@ASRT working with HP\u0027s Zero Day Initiative , Jordan Milne, Song Jin, Hui Xue, and Tao Wei of FireEye, Inc.",
    "sources": [
      {
        "db": "BID",
        "id": "72333"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2014-4494",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2014-4494",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-72434",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-4494",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-4494",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201501-714",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-72434",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72434"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app. Apple iOS is prone to multiple security vulnerabilities. \nThe update addresses new vulnerabilities that affect iTunes Store, MobileInstallation, Springboard, and WebKit components. \nAttackers can exploit these issues to gain unauthorized access, perform unauthorized actions, bypass security restrictions, and perform other  attacks. \nThese issues affect iOS versions prior to 8.1.3. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Springboard is a desktop for Apple iDevice. The vulnerability stems from the fact that the program does not properly verify digital signatures",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-4494"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "BID",
        "id": "72333"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72434"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-4494",
        "trust": 2.8
      },
      {
        "db": "SECTRACK",
        "id": "1031652",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "72333",
        "trust": 0.9
      },
      {
        "db": "JVN",
        "id": "JVNVU96447236",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-72434",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72434"
      },
      {
        "db": "BID",
        "id": "72333"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "id": "VAR-201501-0637",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72434"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:32:21.217000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2015-01-27-2",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
      },
      {
        "title": "HT204245",
        "trust": 0.8,
        "url": "http://support.apple.com/en-us/HT204245"
      },
      {
        "title": "HT204245",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/HT204245"
      },
      {
        "title": "osxupd10.10.2",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53587"
      },
      {
        "title": "iPhone7,1_8.1.3_12B466_Restore",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53586"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72434"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00001.html"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/ht204245"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1031652"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4494"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu96447236/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4494"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/72333"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ios/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ipad/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/iphone/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ipodtouch/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72434"
      },
      {
        "db": "BID",
        "id": "72333"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-72434"
      },
      {
        "db": "BID",
        "id": "72333"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-01-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72434"
      },
      {
        "date": "2015-01-27T00:00:00",
        "db": "BID",
        "id": "72333"
      },
      {
        "date": "2015-02-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "date": "2015-01-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      },
      {
        "date": "2015-01-30T11:59:23.453000",
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72434"
      },
      {
        "date": "2015-02-04T00:01:00",
        "db": "BID",
        "id": "72333"
      },
      {
        "date": "2015-02-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      },
      {
        "date": "2015-02-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      },
      {
        "date": "2024-11-21T02:10:18.190000",
        "db": "NVD",
        "id": "CVE-2014-4494"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple iOS of  Springboard Vulnerabilities that can bypass restrictions on initial startup",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001290"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201501-714"
      }
    ],
    "trust": 0.6
  }
}

cnvd-2015-00848

Vulnerability from cnvd

Title

Apple TV和iOS企业签名应用安全绕过漏洞

Description

Apple iOS是一款运行在苹果iPhone和iPod touch设备上的最新的操作系统。 Apple TV是苹果可以让PC和iPod中的相片,视频和音乐无线传输到电视之中高清晰度播出。 Apple TV和iOS企业签名应用存在安全漏洞，由于Apple TV和iOS在第一次打开企业级应用时未能正确处理可信提示，允许攻击者可绕过某些安全限制，执行未授权操作。

Severity

中

Patch Name

Apple TV和iOS企业签名应用安全绕过漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://support.apple.com/

Reference

http://www.securityfocus.com/bid/72333 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4494 http://support.apple.com/HT204245

Impacted products

Name
Apple IOS < 8.1.3

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "72333"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2014-4494"
    }
  },
  "description": "Apple iOS\u662f\u4e00\u6b3e\u8fd0\u884c\u5728\u82f9\u679ciPhone\u548ciPod touch\u8bbe\u5907\u4e0a\u7684\u6700\u65b0\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002 Apple TV\u662f\u82f9\u679c\u53ef\u4ee5\u8ba9PC\u548ciPod\u4e2d\u7684\u76f8\u7247,\u89c6\u9891\u548c\u97f3\u4e50\u65e0\u7ebf\u4f20\u8f93\u5230\u7535\u89c6\u4e4b\u4e2d\u9ad8\u6e05\u6670\u5ea6\u64ad\u51fa\u3002 \r\n\r\nApple TV\u548ciOS\u4f01\u4e1a\u7b7e\u540d\u5e94\u7528\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8eApple TV\u548ciOS\u5728\u7b2c\u4e00\u6b21\u6253\u5f00\u4f01\u4e1a\u7ea7\u5e94\u7528\u65f6\u672a\u80fd\u6b63\u786e\u5904\u7406\u53ef\u4fe1\u63d0\u793a\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u53ef\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002",
  "discovererName": "lokihardt@ASRT working with HP\u0027s Zero Day Initiative , Jordan Milne, Song Jin, Hui Xue, and Tao Wei of FireEye, Inc",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://support.apple.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00848",
  "openTime": "2015-02-04",
  "patchDescription": "Apple iOS\u662f\u4e00\u6b3e\u8fd0\u884c\u5728\u82f9\u679ciPhone\u548ciPod touch\u8bbe\u5907\u4e0a\u7684\u6700\u65b0\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002 Apple TV\u662f\u82f9\u679c\u53ef\u4ee5\u8ba9PC\u548ciPod\u4e2d\u7684\u76f8\u7247,\u89c6\u9891\u548c\u97f3\u4e50\u65e0\u7ebf\u4f20\u8f93\u5230\u7535\u89c6\u4e4b\u4e2d\u9ad8\u6e05\u6670\u5ea6\u64ad\u51fa\u3002 \r\n\r\nApple TV\u548ciOS\u4f01\u4e1a\u7b7e\u540d\u5e94\u7528\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8eApple TV\u548ciOS\u5728\u7b2c\u4e00\u6b21\u6253\u5f00\u4f01\u4e1a\u7ea7\u5e94\u7528\u65f6\u672a\u80fd\u6b63\u786e\u5904\u7406\u53ef\u4fe1\u63d0\u793a\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u53ef\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apple TV\u548ciOS\u4f01\u4e1a\u7b7e\u540d\u5e94\u7528\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apple IOS \u003c 8.1.3"
  },
  "referenceLink": "http://www.securityfocus.com/bid/72333\r\nhttp://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4494\r\nhttp://support.apple.com/HT204245",
  "serverity": "\u4e2d",
  "submitTime": "2015-01-29",
  "title": "Apple TV\u548ciOS\u4f01\u4e1a\u7b7e\u540d\u5e94\u7528\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

gsd-2014-4494

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2014-4494

Aliases

CVE-2014-4494

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-4494",
    "description": "Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app.",
    "id": "GSD-2014-4494"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-4494"
      ],
      "details": "Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app.",
      "id": "GSD-2014-4494",
      "modified": "2023-12-13T01:22:45.334460Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2014-4494",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.apple.com/HT204245",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/HT204245"
          },
          {
            "name": "APPLE-SA-2015-01-27-2",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
          },
          {
            "name": "1031652",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1031652"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.1.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2014-4494"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2015-01-27-2",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
            },
            {
              "name": "http://support.apple.com/HT204245",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/HT204245"
            },
            {
              "name": "1031652",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1031652"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2015-11-17T16:25Z",
      "publishedDate": "2015-01-30T11:59Z"
    }
  }
}

ghsa-ph2m-x7wf-q6gr

Vulnerability from github

Published

2022-05-17 04:01

Modified

2022-05-17 04:01

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-4494"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-01-30T11:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app.",
  "id": "GHSA-ph2m-x7wf-q6gr",
  "modified": "2022-05-17T04:01:58Z",
  "published": "2022-05-17T04:01:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4494"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/HT204245"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1031652"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2015-AVI-042

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Apple iOS. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Versions antérieures à iOS 8.1.3

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

fkie_cve-2014-4494

Vulnerability from fkie_nvd

Published

2015-01-30 11:59

Modified

2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html	Vendor Advisory
product-security@apple.com	http://support.apple.com/HT204245	Vendor Advisory
product-security@apple.com	http://www.securitytracker.com/id/1031652
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/HT204245	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031652

Impacted products

	Vendor	Product	Version
	apple	iphone_os	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31944D25-25B6-4EA4-92B0-6B03921E0CCE",
              "versionEndIncluding": "8.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app."
    },
    {
      "lang": "es",
      "value": "Springboard en Apple iOS anterior a 8.1.3 no valida correctamente firmas cuando determine si solicitar una decisi\u00f3n de confianza de la aplicaci\u00f3n del usuario, lo que permite a atacantes evadir las restricciones del primer lanzamiento mediante el aprovechamiento del acceso a un certificado de la distribuci\u00f3n del negocio para firmar una aplicaci\u00f3n manipulada."
    }
  ],
  "id": "CVE-2014-4494",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-01-30T11:59:23.453",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/HT204245"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securitytracker.com/id/1031652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/HT204245"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031652"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2014-4494 (GCVE-0-2014-4494)

Vulnerability from cvelistv5

var-201501-0637

Vulnerability from variot

cnvd-2015-00848

Vulnerability from cnvd

gsd-2014-4494

Vulnerability from gsd

ghsa-ph2m-x7wf-q6gr

Vulnerability from github

CERTFR-2015-AVI-042

Vulnerability from certfr_avis

Solution

fkie_cve-2014-4494

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature