var-201501-0277
Vulnerability from variot
The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple iOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of SSL connections. The issue lies in the implicit trust of sites that offer URL redirection services. An attacker can leverage this vulnerability to execute code outside the context of the sandbox. Apple iOS is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect iTunes Store, MobileInstallation, Springboard, and WebKit components. Attackers can exploit these issues to gain unauthorized access, perform unauthorized actions, bypass security restrictions, and perform other attacks. These issues affect iOS versions prior to 8.1.3. Apple iOS is an operating system developed by Apple (Apple) for mobile devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201501-0277",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "8.1.3 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "8.1.3 (iphone 4s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "8.1.3 (ipod touch first 5 after generation )"
},
{
"model": "ios",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"db": "BID",
"id": "72333"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
},
{
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lokihardt@ASRT working with HP\u0027s Zero Day Initiative , Jordan Milne, Song Jin, Hui Xue, and Tao Wei of FireEye, Inc.",
"sources": [
{
"db": "BID",
"id": "72333"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
}
],
"trust": 0.9
},
"cve": "CVE-2014-8840",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-8840",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8840",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-76785",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8840",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8840",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2014-8840",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-712",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76785",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"db": "VULHUB",
"id": "VHN-76785"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
},
{
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple iOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of SSL connections. The issue lies in the implicit trust of sites that offer URL redirection services. An attacker can leverage this vulnerability to execute code outside the context of the sandbox. Apple iOS is prone to multiple security vulnerabilities. \nThe update addresses new vulnerabilities that affect iTunes Store, MobileInstallation, Springboard, and WebKit components. \nAttackers can exploit these issues to gain unauthorized access, perform unauthorized actions, bypass security restrictions, and perform other attacks. \nThese issues affect iOS versions prior to 8.1.3. Apple iOS is an operating system developed by Apple (Apple) for mobile devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8840"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"db": "BID",
"id": "72333"
},
{
"db": "VULHUB",
"id": "VHN-76785"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8840",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-010",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1031652",
"trust": 1.1
},
{
"db": "BID",
"id": "72333",
"trust": 0.9
},
{
"db": "JVN",
"id": "JVNVU96447236",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2612",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-76785",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"db": "VULHUB",
"id": "VHN-76785"
},
{
"db": "BID",
"id": "72333"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
},
{
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"id": "VAR-201501-0277",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76785"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T19:33:09.476000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT204245",
"trust": 1.5,
"url": "http://support.apple.com/en-us/HT204245"
},
{
"title": "APPLE-SA-2015-01-27-2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
},
{
"title": "HT204245",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT204245"
},
{
"title": "osxupd10.10.2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53587"
},
{
"title": "iPhone7,1_8.1.3_12B466_Restore",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53586"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76785"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00001.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/ht204245"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-15-010/"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031652"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100533"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8840"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96447236/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8840"
},
{
"trust": 0.7,
"url": "http://support.apple.com/en-us/ht204245"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/72333"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipad/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/iphone/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipodtouch/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"db": "VULHUB",
"id": "VHN-76785"
},
{
"db": "BID",
"id": "72333"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
},
{
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"db": "VULHUB",
"id": "VHN-76785"
},
{
"db": "BID",
"id": "72333"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
},
{
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-27T00:00:00",
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"date": "2015-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-76785"
},
{
"date": "2015-01-27T00:00:00",
"db": "BID",
"id": "72333"
},
{
"date": "2015-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"date": "2015-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-712"
},
{
"date": "2015-01-30T11:59:49.470000",
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-27T00:00:00",
"db": "ZDI",
"id": "ZDI-15-010"
},
{
"date": "2017-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-76785"
},
{
"date": "2015-02-04T00:01:00",
"db": "BID",
"id": "72333"
},
{
"date": "2015-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001306"
},
{
"date": "2015-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-712"
},
{
"date": "2024-11-21T02:19:51.273000",
"db": "NVD",
"id": "CVE-2014-8840"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple iOS of iTunes Store In the component Safari Vulnerability bypassing sandbox protection mechanisms",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001306"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-712"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…