Apple iOS vulnerabilities

CVE-2014-4451 [HIGH] CWE-264 CVE-2014-4451: Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier fo Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses.

CVE-2014-4457 [HIGH] CWE-264 CVE-2014-4457: The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time period when debugging is not enabled.

CVE-2014-4452 [MEDIUM] CWE-399 CVE-2014-4452: WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to exec WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462.

CVE-2014-4459 [MEDIUM] CVE-2014-4459: Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attacker Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.

CVE-2014-4453 [MEDIUM] CWE-200 CVE-2014-4453: Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotl Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.

CVE-2014-4462 [MEDIUM] CVE-2014-4462: WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to exec WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452.

CVE-2014-4463 [LOW] CWE-264 CVE-2014-4463: Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection me Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.

CVE-2014-4455 [LOW] CWE-264 CVE-2014-4455: dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segmen dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.

CVE-2014-4460 [LOW] CWE-200 CVE-2014-4460: CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cac CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.

CVE-2014-4449 [MEDIUM] CWE-310 CVE-2014-4449: iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, whic iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-4448 [LOW] CWE-310 CVE-2014-4448: House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.

CVE-2014-4450 [LOW] CWE-255 CVE-2014-4450: The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements.

CVE-2014-3192 [HIGH] CWE-416 CVE-2014-3192: Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/Pro Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2014-4380 [CRITICAL] CWE-119 CVE-2014-4380: The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds che The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application.

CVE-2014-4381 [CRITICAL] CWE-119 CVE-2014-4381: Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operatio Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.

CVE-2014-4405 [CRITICAL] CVE-2014-4405: IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code i IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.

CVE-2014-4389 [CRITICAL] CWE-189 CVE-2014-4389: Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute ar Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.

CVE-2014-4418 [HIGH] CVE-2014-4418: IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object meta IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388.

CVE-2014-4422 [HIGH] CWE-310 CVE-2014-4422: The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator du The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers.

CVE-2014-4375 [HIGH] CVE-2014-4375: Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain pri Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.