cbcvebase.
CVE-2014-4389
published 2014-09-18

CVE-2014-4389: Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application…

PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
3.42%
87.4th percentile
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.

Affected

19 ranges
VendorProductVersion rangeFixed in
appleiphone_os<= 7.1.2
appleiphone_os
appleiphone_os
appleiphone_os
appleiphone_os
appleiphone_os
appleiphone_os
appleiphone_os
appleiphone_os
appleiphone_os
applemac_os_x<= 10.9.4
appleos_x_yosemite_v10.10.2_and_security_update_2015-001
appletvos<= 6.2
appletvos
appletvos
appletvos
appletvos
appletvos
appletvos
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.