var-201410-1059
Vulnerability from variot
Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing. Apple Mac OS X is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
OS X Yosemite v10.10 is now available and addresses the following:
802.1X Impact: An attacker can obtain WiFi credentials Description: An attacker could have impersonated a WiFi access point, offered to authenticate with LEAP, broken the MS-CHAPv1 hash, and used the derived credentials to authenticate to the intended access point even if that access point supported stronger authentication methods. This issue was addressed by disabling LEAP by default. CVE-ID CVE-2014-4364 : Pieter Robyns, Bram Bonne, Peter Quax, and Wim Lamotte of Universiteit Hasselt
AFP File Server Impact: A remote attacker could determine all the network addresses of the system Description: The AFP file server supported a command which returned all the network addresses of the system. This issue was addressed by removing the addresses from the result. CVE-ID CVE-2014-4426 : Craig Young of Tripwire VERT
apache Impact: Multiple vulnerabilities in Apache Description: Multiple vulnerabilities existed in Apache, the most serious of which may lead to a denial of service. These issues were addressed by updating Apache to version 2.4.9. CVE-ID CVE-2013-6438 CVE-2014-0098
App Sandbox Impact: An application confined by sandbox restrictions may misuse the accessibility API Description: A sandboxed application could misuse the accessibility API without the user's knowledge. This has been addressed by requiring administrator approval to use the accessibility API on an per-application basis. CVE-ID CVE-2014-4427 : Paul S. Ziegler of Reflare UG
Bash Impact: In certain configurations, a remote attacker may be able to execute arbitrary shell commands Description: An issue existed in Bash's parsing of environment variables. This issue was addressed through improved environment variable parsing by better detecting the end of the function statement. This update also incorporated the suggested CVE-2014-7169 change, which resets the parser state. In addition, this update added a new namespace for exported functions by creating a function decorator to prevent unintended header passthrough to Bash. The names of all environment variables that introduce function definitions are required to have a prefix "__BASH_FUNC<" and suffix ">()" to prevent unintended function passing via HTTP headers. If a Mac had paired with such a device, an attacker could spoof the legitimate device to establish a connection. The issue was addressed by denying unencrypted HID connections. CVE-ID CVE-2014-4428 : Mike Ryan of iSEC Partners
CFPreferences Impact: The 'require password after sleep or screen saver begins' preference may not be respected until after a reboot Description: A session management issue existed in the handling of system preference settings. This issue was addressed through improved session tracking. CVE-ID CVE-2014-4425
Certificate Trust Policy Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at http://support.apple.com/kb/HT6005.
CoreStorage Impact: An encrypted volume may stay unlocked when ejected Description: When an encrypted volume was logically ejected while mounted, the volume was unmounted but the keys were retained, so it could have been mounted again without the password. This issue was addressed by erasing the keys on eject. CVE-ID CVE-2014-4430 : Benjamin King at See Ben Click Computer Services LLC, Karsten Iwen, Dustin Li (http://dustin.li/), Ken J. Takekoshi, and other anonymous researchers
CUPS Impact: A local user can execute arbitrary code with system privileges Description: When the CUPS web interface served files, it would follow symlinks. A local user could create symlinks to arbitrary files and retrieve them through the web interface. This issue was addressed by disallowing symlinks to be served via the CUPS web interface. CVE-ID CVE-2014-3537
Dock Impact: In some circumstances, windows may be visible even when the screen is locked Description: A state management issue existed in the handling of the screen lock. This issue was addressed through improved state tracking. CVE-ID CVE-2014-4431 : Emil Sjolander of Umea University
fdesetup Impact: The fdesetup command may provide misleading status for the state of encryption on disk Description: After updating settings, but before rebooting, the fdesetup command provided misleading status. This issue was addressed through improved status reporting. CVE-ID CVE-2014-4432
iCloud Find My Mac Impact: iCloud Lost mode PIN may be bruteforced Description: A state persistence issue in rate limiting allowed brute force attacks on iCloud Lost mode PIN. This issue was addressed through improved state persistence across reboots. CVE-ID CVE-2014-4435 : knoy
IOAcceleratorFamily Impact: An application may cause a denial of service Description: A NULL pointer dereference was present in the IntelAccelerator driver. The issue was addressed through improved error handling. CVE-ID CVE-2014-4373 : cunzhang from Adlab of Venustech
IOHIDFamily Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved validation of IOHIDFamily key-mapping properties. CVE-ID CVE-2014-4405 : Ian Beer of Google Project Zero
IOHIDFamily Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A heap buffer overflow existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4404 : Ian Beer of Google Project Zero
IOHIDFamily Impact: An application may cause a denial of service Description: A out-of-bounds memory read was present in the IOHIDFamily driver. The issue was addressed through improved input validation. CVE-ID CVE-2014-4436 : cunzhang from Adlab of Venustech
IOHIDFamily Impact: A user may be able to execute arbitrary code with system privileges Description: An out-of-bounds write issue exited in the IOHIDFamily driver. The issue was addressed through improved input validation. CVE-ID CVE-2014-4380 : cunzhang from Adlab of Venustech
IOKit Impact: A malicious application may be able to read uninitialized data from kernel memory Description: An uninitialized memory access issue existed in the handling of IOKit functions. This issue was addressed through improved memory initialization. CVE-ID CVE-2014-4407 : @PanguTeam
IOKit Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-4388 : @PanguTeam
IOKit Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-4418 : Ian Beer of Google Project Zero
Kernel Impact: A local user may be able to determine kernel memory layout Description: Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization. CVE-ID CVE-2014-4371 : Fermin J. Serna of the Google Security Team CVE-2014-4419 : Fermin J. Serna of the Google Security Team CVE-2014-4420 : Fermin J. Serna of the Google Security Team CVE-2014-4421 : Fermin J. Serna of the Google Security Team
Kernel Impact: A maliciously crafted file system may cause unexpected system shutdown or arbitrary code execution Description: A heap-based buffer overflow issue existed in the handling of HFS resource forks. A maliciously crafted filesystem may cause an unexpected system shutdown or arbitrary code execution with kernel privileges. The issue was addressed through improved bounds checking. CVE-ID CVE-2014-4433 : Maksymilian Arciemowicz
Kernel Impact: A malicious file system may cause unexpected system shutdown Description: A NULL dereference issue existed in the handling of HFS filenames. A maliciously crafted filesystem may cause an unexpected system shutdown. This issue was addressed by avoiding the NULL dereference. CVE-ID CVE-2014-4434 : Maksymilian Arciemowicz
Kernel Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: A double free issue existed in the handling of Mach ports. This issue was addressed through improved validation of Mach ports. CVE-ID CVE-2014-4375 : an anonymous researcher
Kernel Impact: A person with a privileged network position may cause a denial of service Description: A race condition issue existed in the handling of IPv6 packets. This issue was addressed through improved lock state checking. CVE-ID CVE-2011-2391 : Marc Heuse
Kernel Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: An out-of-bounds read issue existed in rt_setgate. This may lead to memory disclosure or memory corruption. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4408
Kernel Impact: A local user can cause an unexpected system termination Description: A reachable panic existed in the handling of messages sent to system control sockets. This issue was addressed through additional validation of messages. CVE-ID CVE-2014-4442 : Darius Davis of VMware
Kernel Impact: Some kernel hardening measures may be bypassed Description: The random number generator used for kernel hardening measures early in the boot process was not cryptographically secure. Some of its output was inferable from user space, allowing bypass of the hardening measures. This issue was addressed by using a cryptographically secure algorithm. CVE-ID CVE-2014-4422 : Tarjei Mandt of Azimuth Security
LaunchServices Impact: A local application may bypass sandbox restrictions Description: The LaunchServices interface for setting content type handlers allowed sandboxed applications to specify handlers for existing content types. A compromised application could use this to bypass sandbox restrictions. The issue was addressed by restricting sandboxed applications from specifying content type handlers. CVE-ID CVE-2014-4437 : Meder Kydyraliev of the Google Security Team
LoginWindow Impact: Sometimes the screen might not lock Description: A race condition existed in LoginWindow, which would sometimes prevent the screen from locking. The issue was addressed by changing the order of operations. CVE-ID CVE-2014-4438 : Harry Sintonen of nSense, Alessandro Lobina of Helvetia Insurances, Patryk Szlagowski of Funky Monkey Labs
Mail Impact: Mail may send email to unintended recipients Description: A user interface inconsistency in Mail application resulted in email being sent to addresses that were removed from the list of recipients. The issue was addressed through improved user interface consistency checks. CVE-ID CVE-2014-4439 : Patrick J Power of Melbourne, Australia
MCX Desktop Config Profiles Impact: When mobile configuration profiles were uninstalled, their settings were not removed Description: Web proxy settings installed by a mobile configuration profile were not removed when the profile was uninstalled. This issue was addressed through improved handling of profile uninstallation. CVE-ID CVE-2014-4440 : Kevin Koster of Cloudpath Networks
NetFS Client Framework Impact: File Sharing may enter a state in which it cannot be disabled Description: A state management issue existed in the File Sharing framework. This issue was addressed through improved state management. CVE-ID CVE-2014-4441 : Eduardo Bonsi of BEARTCOMMUNICATIONS
QuickTime Impact: Playing a maliciously crafted m4a file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of audio samples. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4351 : Karl Smith of NCC Group
Safari Impact: History of pages recently visited in an open tab may remain after clearing of history Description: Clearing Safari's history did not clear the back/forward history for open tabs. This issue was addressed by clearing the back/forward history. CVE-ID CVE-2013-5150
Safari Impact: Opting in to push notifications from a maliciously crafted website may cause future Safari Push Notifications to be missed Description: An uncaught exception issue existed in SafariNotificationAgent's handling of Safari Push Notifications. This issue was addressed through improved handling of Safari Push Notifications. CVE-ID CVE-2014-4417 : Marek Isalski of Faelix Limited
Secure Transport Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling CBC cipher suites when TLS connection attempts fail. CVE-ID CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of Google Security Team
Security Impact: A remote attacker may be able to cause a denial of service Description: A null dereference existed in the handling of ASN.1 data. This issue was addressed through additional validation of ASN.1 data. CVE-ID CVE-2014-4443 : Coverity
Security Impact: A local user might have access to another user's Kerberos tickets Description: A state management issue existed in SecurityAgent. While Fast User Switching, sometimes a Kerberos ticket for the switched-to user would be placed in the cache for the previous user. This issue was addressed through improved state management. CVE-ID CVE-2014-4444 : Gary Simon of Sandia National Laboratories, Ragnar Sundblad of KTH Royal Institute of Technology, Eugene Homyakov of Kaspersky Lab
Security - Code Signing Impact: Tampered applications may not be prevented from launching Description: Apps signed on OS X prior to OS X Mavericks 10.9 or apps using custom resource rules, may have been susceptible to tampering that would not have invalidated the signature. On systems set to allow only apps from the Mac App Store and identified developers, a downloaded modified app could have been allowed to run as though it were legitimate. This issue was addressed by ignoring signatures of bundles with resource envelopes that omit resources that may influence execution. CVE-ID CVE-2014-4391 : Christopher Hickstein working with HP's Zero Day Initiative
Note: OS X Yosemite includes Safari 8.0, which incorporates the security content of Safari 7.1. For further details see "About the security content of Safari 7.1" at https://support.apple.com/kb/HT6440.
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUQCItAAoJEBcWfLTuOo7tVTMQAIpXH2MO4xElrJDdFvz+9hEq 0I/Md7JZMvm66AZZG6AlHPnGn/UfNSD6BxGmuuz2MnVyr3kBTHfGQbsRtoZ/54dZ OJrFVD+HE+WmjhB2xLoLTMDP5QgdpBY0gpmNF5Ze4tRogpbfrhDQJjjWls4xbB3B 0MYF5Cq+9nMwHquh/gQpp4pRCms+S/3TdHrjunlfnWFJMNT+XTs0Y5+QPZQ8OMAb lqDGjjjulN3+WLCekIWXX1WeAFjqW5ICSWqt0b8/yWVnLWuYmWvHPC8LrP52+s87 XHgx+9tW/5L+ZMGxfDYKnhkXNsQaFPai1iPgztjz7/c3NON7ogdIbJd290j2GZ2S CUoozCx2rVn9l7hFYSDP5fHt8x1itvWeH1UX6WP6Ydkf4iXe63ksMaVSFqccEb7r HlBlx/dE1FuWD+gkOQwDPkKZR1yiMArqrHz1YwC4GZ6/A3aG9B++y1TBCetQO8xs bFmlhX4Rvmme+NED0Hli7yN/++axkYUfAHTLwnucq1MW+eP9jecsBpFsOMKJ0ika XrZoquwIM4zQPgY1qBz15Nxeb8lX2IcpL5PKGEeqiKX3SRPerdQKUnUBk1DtHg2h fl+BG2AfN6uaYGJvGL9G2OX95SylOWW9uoYvfTVafwU7f9tE8RUEStnXhQD00j/r P2OKoqPuE6SsFq6L2VwF =Ucxd -----END PGP SIGNATURE-----
. CVE-ID CVE-2014-4428 : Mike Ryan of iSEC Partners
House Arrest Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Files transferred to the device may be written with insufficient cryptographic protection Description: Files could be transferred to an app's Documents directory and encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the transferred files with a key protected by the hardware UID and the user's passcode. CVE-ID CVE-2014-4448 : Jonathan Zdziarski and Kevin DeLong
iCloud Data Access Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may force iCloud data access clients to leak sensitive information Description: A TLS certificate validation vulnerability existed in iCloud data access clients. CVE-ID CVE-2014-4449 : Carl Mehner of USAA
Keyboards Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: QuickType could learn users' credentials Description: QuickType could learn users' credentials when switching between elements. This issue was addressed by QuickType not learning from fields where autocomplete is disabled and reapplying the criteria when switching between DOM input elements in legacy WebKit. CVE-ID CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of Google Security Team
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "8.1"
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201410-1059",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.10"
},
{
"model": "tv",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.0.1 (apple tv ( first 3 generation ) or later )"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
}
],
"sources": [
{
"db": "BID",
"id": "70636"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
},
{
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mike Ryan of iSEC Partners",
"sources": [
{
"db": "BID",
"id": "70636"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4428",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CVE-2014-4428",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "VHN-72368",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-4428",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-4428",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-607",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-72368",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72368"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
},
{
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing. Apple Mac OS X is prone to a security-bypass vulnerability. \nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-10-16-1 OS X Yosemite v10.10\n\nOS X Yosemite v10.10 is now available and addresses the following:\n\n802.1X\nImpact: An attacker can obtain WiFi credentials\nDescription: An attacker could have impersonated a WiFi access\npoint, offered to authenticate with LEAP, broken the MS-CHAPv1 hash,\nand used the derived credentials to authenticate to the intended\naccess point even if that access point supported stronger\nauthentication methods. This issue was addressed by disabling LEAP by\ndefault. \nCVE-ID\nCVE-2014-4364 : Pieter Robyns, Bram Bonne, Peter Quax, and Wim\nLamotte of Universiteit Hasselt\n\nAFP File Server\nImpact: A remote attacker could determine all the network addresses\nof the system\nDescription: The AFP file server supported a command which returned\nall the network addresses of the system. This issue was addressed by\nremoving the addresses from the result. \nCVE-ID\nCVE-2014-4426 : Craig Young of Tripwire VERT\n\napache\nImpact: Multiple vulnerabilities in Apache\nDescription: Multiple vulnerabilities existed in Apache, the most\nserious of which may lead to a denial of service. These issues were\naddressed by updating Apache to version 2.4.9. \nCVE-ID\nCVE-2013-6438\nCVE-2014-0098\n\nApp Sandbox\nImpact: An application confined by sandbox restrictions may misuse\nthe accessibility API\nDescription: A sandboxed application could misuse the accessibility\nAPI without the user\u0027s knowledge. This has been addressed by\nrequiring administrator approval to use the accessibility API on an\nper-application basis. \nCVE-ID\nCVE-2014-4427 : Paul S. Ziegler of Reflare UG\n\nBash\nImpact: In certain configurations, a remote attacker may be able to\nexecute arbitrary shell commands\nDescription: An issue existed in Bash\u0027s parsing of environment\nvariables. This issue was addressed through improved environment\nvariable parsing by better detecting the end of the function\nstatement. This update also incorporated the suggested CVE-2014-7169\nchange, which resets the parser state. In addition, this update\nadded a new namespace for exported functions by creating a function\ndecorator to prevent unintended header passthrough to Bash. The names\nof all environment variables that introduce function definitions are\nrequired to have a prefix \"__BASH_FUNC\u003c\" and suffix \"\u003e()\" to prevent\nunintended function passing via HTTP headers. If a Mac had\npaired with such a device, an attacker could spoof the legitimate\ndevice to establish a connection. The issue was addressed by denying\nunencrypted HID connections. \nCVE-ID\nCVE-2014-4428 : Mike Ryan of iSEC Partners\n\nCFPreferences\nImpact: The \u0027require password after sleep or screen saver begins\u0027\npreference may not be respected until after a reboot\nDescription: A session management issue existed in the handling of\nsystem preference settings. This issue was addressed through improved\nsession tracking. \nCVE-ID\nCVE-2014-4425\n\nCertificate Trust Policy\nImpact: Update to the certificate trust policy\nDescription: The certificate trust policy was updated. The complete\nlist of certificates may be viewed at\nhttp://support.apple.com/kb/HT6005. \n\nCoreStorage\nImpact: An encrypted volume may stay unlocked when ejected\nDescription: When an encrypted volume was logically ejected while\nmounted, the volume was unmounted but the keys were retained, so it\ncould have been mounted again without the password. This issue was\naddressed by erasing the keys on eject. \nCVE-ID\nCVE-2014-4430 : Benjamin King at See Ben Click Computer Services LLC,\nKarsten Iwen, Dustin Li (http://dustin.li/), Ken J. Takekoshi, and\nother anonymous researchers\n\nCUPS\nImpact: A local user can execute arbitrary code with system\nprivileges\nDescription: When the CUPS web interface served files, it would\nfollow symlinks. A local user could create symlinks to arbitrary\nfiles and retrieve them through the web interface. This issue was\naddressed by disallowing symlinks to be served via the CUPS web\ninterface. \nCVE-ID\nCVE-2014-3537\n\nDock\nImpact: In some circumstances, windows may be visible even when the\nscreen is locked\nDescription: A state management issue existed in the handling of the\nscreen lock. This issue was addressed through improved state\ntracking. \nCVE-ID\nCVE-2014-4431 : Emil Sjolander of Umea University\n\nfdesetup\nImpact: The fdesetup command may provide misleading status for the\nstate of encryption on disk\nDescription: After updating settings, but before rebooting, the\nfdesetup command provided misleading status. This issue was addressed\nthrough improved status reporting. \nCVE-ID\nCVE-2014-4432\n\niCloud Find My Mac\nImpact: iCloud Lost mode PIN may be bruteforced\nDescription: A state persistence issue in rate limiting allowed\nbrute force attacks on iCloud Lost mode PIN. This issue was addressed\nthrough improved state persistence across reboots. \nCVE-ID\nCVE-2014-4435 : knoy\n\nIOAcceleratorFamily\nImpact: An application may cause a denial of service\nDescription: A NULL pointer dereference was present in the\nIntelAccelerator driver. The issue was addressed through improved\nerror handling. \nCVE-ID\nCVE-2014-4373 : cunzhang from Adlab of Venustech\n\nIOHIDFamily\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A null pointer dereference existed in IOHIDFamily\u0027s\nhandling of key-mapping properties. This issue was addressed through\nimproved validation of IOHIDFamily key-mapping properties. \nCVE-ID\nCVE-2014-4405 : Ian Beer of Google Project Zero\n\nIOHIDFamily\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A heap buffer overflow existed in IOHIDFamily\u0027s\nhandling of key-mapping properties. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2014-4404 : Ian Beer of Google Project Zero\n\nIOHIDFamily\nImpact: An application may cause a denial of service\nDescription: A out-of-bounds memory read was present in the\nIOHIDFamily driver. The issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2014-4436 : cunzhang from Adlab of Venustech\n\nIOHIDFamily\nImpact: A user may be able to execute arbitrary code with system\nprivileges\nDescription: An out-of-bounds write issue exited in the IOHIDFamily\ndriver. The issue was addressed through improved input validation. \nCVE-ID\nCVE-2014-4380 : cunzhang from Adlab of Venustech\n\nIOKit\nImpact: A malicious application may be able to read uninitialized\ndata from kernel memory\nDescription: An uninitialized memory access issue existed in the\nhandling of IOKit functions. This issue was addressed through\nimproved memory initialization. \nCVE-ID\nCVE-2014-4407 : @PanguTeam\n\nIOKit\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A validation issue existed in the handling of certain\nmetadata fields of IODataQueue objects. This issue was addressed\nthrough improved validation of metadata. \nCVE-ID\nCVE-2014-4388 : @PanguTeam\n\nIOKit\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A validation issue existed in the handling of certain\nmetadata fields of IODataQueue objects. This issue was addressed\nthrough improved validation of metadata. \nCVE-ID\nCVE-2014-4418 : Ian Beer of Google Project Zero\n\nKernel\nImpact: A local user may be able to determine kernel memory layout\nDescription: Multiple uninitialized memory issues existed in the\nnetwork statistics interface, which led to the disclosure of kernel\nmemory content. This issue was addressed through additional memory\ninitialization. \nCVE-ID\nCVE-2014-4371 : Fermin J. Serna of the Google Security Team\nCVE-2014-4419 : Fermin J. Serna of the Google Security Team\nCVE-2014-4420 : Fermin J. Serna of the Google Security Team\nCVE-2014-4421 : Fermin J. Serna of the Google Security Team\n\nKernel\nImpact: A maliciously crafted file system may cause unexpected\nsystem shutdown or arbitrary code execution\nDescription: A heap-based buffer overflow issue existed in the\nhandling of HFS resource forks. A maliciously crafted filesystem may\ncause an unexpected system shutdown or arbitrary code execution with\nkernel privileges. The issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-4433 : Maksymilian Arciemowicz\n\nKernel\nImpact: A malicious file system may cause unexpected system shutdown\nDescription: A NULL dereference issue existed in the handling of HFS\nfilenames. A maliciously crafted filesystem may cause an unexpected\nsystem shutdown. This issue was addressed by avoiding the NULL\ndereference. \nCVE-ID\nCVE-2014-4434 : Maksymilian Arciemowicz\n\nKernel\nImpact: A local user may be able to cause an unexpected system\ntermination or arbitrary code execution in the kernel\nDescription: A double free issue existed in the handling of Mach\nports. This issue was addressed through improved validation of Mach\nports. \nCVE-ID\nCVE-2014-4375 : an anonymous researcher\n\nKernel\nImpact: A person with a privileged network position may cause a\ndenial of service\nDescription: A race condition issue existed in the handling of IPv6\npackets. This issue was addressed through improved lock state\nchecking. \nCVE-ID\nCVE-2011-2391 : Marc Heuse\n\nKernel\nImpact: A local user may be able to cause an unexpected system\ntermination or arbitrary code execution in the kernel\nDescription: An out-of-bounds read issue existed in rt_setgate. This\nmay lead to memory disclosure or memory corruption. This issue was\naddressed through improved bounds checking. \nCVE-ID\nCVE-2014-4408\n\nKernel\nImpact: A local user can cause an unexpected system termination\nDescription: A reachable panic existed in the handling of messages\nsent to system control sockets. This issue was addressed through\nadditional validation of messages. \nCVE-ID\nCVE-2014-4442 : Darius Davis of VMware\n\nKernel\nImpact: Some kernel hardening measures may be bypassed\nDescription: The random number generator used for kernel hardening\nmeasures early in the boot process was not cryptographically secure. \nSome of its output was inferable from user space, allowing bypass of\nthe hardening measures. This issue was addressed by using a\ncryptographically secure algorithm. \nCVE-ID\nCVE-2014-4422 : Tarjei Mandt of Azimuth Security\n\nLaunchServices\nImpact: A local application may bypass sandbox restrictions\nDescription: The LaunchServices interface for setting content type\nhandlers allowed sandboxed applications to specify handlers for\nexisting content types. A compromised application could use this to\nbypass sandbox restrictions. The issue was addressed by restricting\nsandboxed applications from specifying content type handlers. \nCVE-ID\nCVE-2014-4437 : Meder Kydyraliev of the Google Security Team\n\nLoginWindow\nImpact: Sometimes the screen might not lock\nDescription: A race condition existed in LoginWindow, which would\nsometimes prevent the screen from locking. The issue was addressed by\nchanging the order of operations. \nCVE-ID\nCVE-2014-4438 : Harry Sintonen of nSense, Alessandro Lobina of\nHelvetia Insurances, Patryk Szlagowski of Funky Monkey Labs\n\nMail\nImpact: Mail may send email to unintended recipients\nDescription: A user interface inconsistency in Mail application\nresulted in email being sent to addresses that were removed from the\nlist of recipients. The issue was addressed through improved user\ninterface consistency checks. \nCVE-ID\nCVE-2014-4439 : Patrick J Power of Melbourne, Australia\n\nMCX Desktop Config Profiles\nImpact: When mobile configuration profiles were uninstalled, their\nsettings were not removed\nDescription: Web proxy settings installed by a mobile configuration\nprofile were not removed when the profile was uninstalled. This issue\nwas addressed through improved handling of profile uninstallation. \nCVE-ID\nCVE-2014-4440 : Kevin Koster of Cloudpath Networks\n\nNetFS Client Framework\nImpact: File Sharing may enter a state in which it cannot be\ndisabled\nDescription: A state management issue existed in the File Sharing\nframework. This issue was addressed through improved state\nmanagement. \nCVE-ID\nCVE-2014-4441 : Eduardo Bonsi of BEARTCOMMUNICATIONS\n\nQuickTime\nImpact: Playing a maliciously crafted m4a file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of audio\nsamples. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4351 : Karl Smith of NCC Group\n\nSafari\nImpact: History of pages recently visited in an open tab may remain\nafter clearing of history\nDescription: Clearing Safari\u0027s history did not clear the\nback/forward history for open tabs. This issue was addressed by\nclearing the back/forward history. \nCVE-ID\nCVE-2013-5150\n\nSafari\nImpact: Opting in to push notifications from a maliciously crafted\nwebsite may cause future Safari Push Notifications to be missed\nDescription: An uncaught exception issue existed in\nSafariNotificationAgent\u0027s handling of Safari Push Notifications. This\nissue was addressed through improved handling of Safari Push\nNotifications. \nCVE-ID\nCVE-2014-4417 : Marek Isalski of Faelix Limited\n\nSecure Transport\nImpact: An attacker may be able to decrypt data protected by SSL\nDescription: There are known attacks on the confidentiality of SSL\n3.0 when a cipher suite uses a block cipher in CBC mode. An attacker\ncould force the use of SSL 3.0, even when the server would support a\nbetter TLS version, by blocking TLS 1.0 and higher connection\nattempts. This issue was addressed by disabling CBC cipher suites\nwhen TLS connection attempts fail. \nCVE-ID\nCVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of\nGoogle Security Team\n\nSecurity\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A null dereference existed in the handling of ASN.1\ndata. This issue was addressed through additional validation of ASN.1\ndata. \nCVE-ID\nCVE-2014-4443 : Coverity\n\nSecurity\nImpact: A local user might have access to another user\u0027s Kerberos\ntickets\nDescription: A state management issue existed in SecurityAgent. \nWhile Fast User Switching, sometimes a Kerberos ticket for the\nswitched-to user would be placed in the cache for the previous user. \nThis issue was addressed through improved state management. \nCVE-ID\nCVE-2014-4444 : Gary Simon of Sandia National Laboratories, Ragnar\nSundblad of KTH Royal Institute of Technology, Eugene Homyakov of\nKaspersky Lab\n\nSecurity - Code Signing\nImpact: Tampered applications may not be prevented from launching\nDescription: Apps signed on OS X prior to OS X Mavericks 10.9 or\napps using custom resource rules, may have been susceptible to\ntampering that would not have invalidated the signature. On systems\nset to allow only apps from the Mac App Store and identified\ndevelopers, a downloaded modified app could have been allowed to run\nas though it were legitimate. This issue was addressed by ignoring\nsignatures of bundles with resource envelopes that omit resources\nthat may influence execution. \nCVE-ID\nCVE-2014-4391 : Christopher Hickstein working with HP\u0027s Zero Day\nInitiative\n\n\nNote: OS X Yosemite includes Safari 8.0, which incorporates\nthe security content of Safari 7.1. For further details see\n\"About the security content of Safari 7.1\" at\nhttps://support.apple.com/kb/HT6440. \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJUQCItAAoJEBcWfLTuOo7tVTMQAIpXH2MO4xElrJDdFvz+9hEq\n0I/Md7JZMvm66AZZG6AlHPnGn/UfNSD6BxGmuuz2MnVyr3kBTHfGQbsRtoZ/54dZ\nOJrFVD+HE+WmjhB2xLoLTMDP5QgdpBY0gpmNF5Ze4tRogpbfrhDQJjjWls4xbB3B\n0MYF5Cq+9nMwHquh/gQpp4pRCms+S/3TdHrjunlfnWFJMNT+XTs0Y5+QPZQ8OMAb\nlqDGjjjulN3+WLCekIWXX1WeAFjqW5ICSWqt0b8/yWVnLWuYmWvHPC8LrP52+s87\nXHgx+9tW/5L+ZMGxfDYKnhkXNsQaFPai1iPgztjz7/c3NON7ogdIbJd290j2GZ2S\nCUoozCx2rVn9l7hFYSDP5fHt8x1itvWeH1UX6WP6Ydkf4iXe63ksMaVSFqccEb7r\nHlBlx/dE1FuWD+gkOQwDPkKZR1yiMArqrHz1YwC4GZ6/A3aG9B++y1TBCetQO8xs\nbFmlhX4Rvmme+NED0Hli7yN/++axkYUfAHTLwnucq1MW+eP9jecsBpFsOMKJ0ika\nXrZoquwIM4zQPgY1qBz15Nxeb8lX2IcpL5PKGEeqiKX3SRPerdQKUnUBk1DtHg2h\nfl+BG2AfN6uaYGJvGL9G2OX95SylOWW9uoYvfTVafwU7f9tE8RUEStnXhQD00j/r\nP2OKoqPuE6SsFq6L2VwF\n=Ucxd\n-----END PGP SIGNATURE-----\n\n. \nCVE-ID\nCVE-2014-4428 : Mike Ryan of iSEC Partners\n\nHouse Arrest\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Files transferred to the device may be written with\ninsufficient cryptographic protection\nDescription: Files could be transferred to an app\u0027s Documents\ndirectory and encrypted with a key protected only by the hardware\nUID. This issue was addressed by encrypting the transferred files\nwith a key protected by the hardware UID and the user\u0027s passcode. \nCVE-ID\nCVE-2014-4448 : Jonathan Zdziarski and Kevin DeLong\n\niCloud Data Access\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker in a privileged network position may force\niCloud data access clients to leak sensitive information\nDescription: A TLS certificate validation vulnerability existed in\niCloud data access clients. \nCVE-ID\nCVE-2014-4449 : Carl Mehner of USAA\n\nKeyboards\nAvailable for: iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: QuickType could learn users\u0027 credentials\nDescription: QuickType could learn users\u0027 credentials when switching\nbetween elements. This issue was addressed by QuickType not learning\nfrom fields where autocomplete is disabled and reapplying the\ncriteria when switching between DOM input elements in legacy WebKit. \nCVE-ID\nCVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of\nGoogle Security Team\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"8.1\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4428"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "BID",
"id": "70636"
},
{
"db": "VULHUB",
"id": "VHN-72368"
},
{
"db": "PACKETSTORM",
"id": "128729"
},
{
"db": "PACKETSTORM",
"id": "128770"
},
{
"db": "PACKETSTORM",
"id": "128769"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4428",
"trust": 3.1
},
{
"db": "BID",
"id": "70636",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "61825",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61827",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031063",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU97537282",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201410-607",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-72368",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128729",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128769",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72368"
},
{
"db": "BID",
"id": "70636"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "PACKETSTORM",
"id": "128729"
},
{
"db": "PACKETSTORM",
"id": "128770"
},
{
"db": "PACKETSTORM",
"id": "128769"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
},
{
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"id": "VAR-201410-1059",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-72368"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:52:08.395000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT6541",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6541"
},
{
"title": "HT6542",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6542"
},
{
"title": "HT6535",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6535"
},
{
"title": "HT6535",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6535?viewlocale=ja_JP"
},
{
"title": "HT6542",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6542?viewlocale=ja_JP"
},
{
"title": "HT6541",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6541?viewlocale=ja_JP"
},
{
"title": "OS X Yosemite 10.10 MAS 14A389( Official version of the full firmware )",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52113"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72368"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"trust": 1.7,
"url": "https://support.apple.com/kb/ht6535"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70636"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6541"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6542"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031063"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61825"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61827"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97641"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4428"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97537282/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4428"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4428"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "http://gpgtools.org"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4408"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4380"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht6440."
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht6005."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4405"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4419"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4404"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4373"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4407"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4417"
},
{
"trust": 0.1,
"url": "http://dustin.li/),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4375"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4418"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4371"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4449"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4448"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72368"
},
{
"db": "BID",
"id": "70636"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "PACKETSTORM",
"id": "128729"
},
{
"db": "PACKETSTORM",
"id": "128770"
},
{
"db": "PACKETSTORM",
"id": "128769"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
},
{
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-72368"
},
{
"db": "BID",
"id": "70636"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"db": "PACKETSTORM",
"id": "128729"
},
{
"db": "PACKETSTORM",
"id": "128770"
},
{
"db": "PACKETSTORM",
"id": "128769"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
},
{
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-72368"
},
{
"date": "2014-10-16T00:00:00",
"db": "BID",
"id": "70636"
},
{
"date": "2014-10-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"date": "2014-10-17T15:02:27",
"db": "PACKETSTORM",
"id": "128729"
},
{
"date": "2014-10-21T01:10:32",
"db": "PACKETSTORM",
"id": "128770"
},
{
"date": "2014-10-21T01:06:53",
"db": "PACKETSTORM",
"id": "128769"
},
{
"date": "2014-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-607"
},
{
"date": "2014-10-18T01:55:13.277000",
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-72368"
},
{
"date": "2014-10-21T00:02:00",
"db": "BID",
"id": "70636"
},
{
"date": "2014-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004869"
},
{
"date": "2014-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-607"
},
{
"date": "2024-11-21T02:10:10.440000",
"db": "NVD",
"id": "CVE-2014-4428"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple OS X of Bluetooth Vulnerabilities impersonating devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004869"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-607"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.