Apple iOS vulnerabilities

3,941 known vulnerabilities affecting apple/iphone_os.

Total CVEs: 3,941
CISA KEV (actively exploited): 92
Public exploits: 248
Exploited in wild: 79
Severity breakdown: CRITICAL 313, HIGH 1610, MEDIUM 1731, LOW 287

Vulnerabilities

Page 172 of 198
CVE-2014-4404 | HIGH | CVSS 7.8 | KEV | PoC | fixed in 8.0 | 2014-09-18
CVE-2014-4404 [HIGH] CWE-787: Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
nvd
CVE-2014-4388 | HIGH | CVSS 7.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4388 [HIGH] CWE-20: IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418.
nvd
CVE-2014-4379 | HIGH | CVSS 7.1 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4379 [HIGH] CWE-119: An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.
nvd
CVE-2014-4369 | HIGH | CVSS 7.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4369 [HIGH]: The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments.
nvd
CVE-2014-4414 | MEDIUM | CVSS 6.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4414 [MEDIUM] CWE-119: WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
nvd
CVE-2014-4412 | MEDIUM | CVSS 6.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4412 [MEDIUM] CWE-119: WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
nvd
CVE-2014-4413 | MEDIUM | CVSS 6.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4413 [MEDIUM] CWE-119: WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
nvd
CVE-2014-4364 | MEDIUM | CVSS 5.6 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4364 [MEDIUM] CWE-310: The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.
nvd
CVE-2014-4373 | MEDIUM | CVSS 5.5 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4373 [MEDIUM]: The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.
nvd
CVE-2014-4409 | MEDIUM | CVSS 4.3 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4409 [MEDIUM] CWE-200: WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
nvd
CVE-2014-4366 | MEDIUM | CVSS 5.0 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4366 [MEDIUM] CWE-255: Mail in Apple iOS before 8 does not prevent sending a LOGIN command to a LOGINDISABLED IMAP server, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.
nvd
CVE-2014-4361 | MEDIUM | CVSS 5.0 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4361 [MEDIUM] CWE-200: The Home & Lock Screen subsystem in Apple iOS before 8 does not properly restrict the private API for app prominence, which allows attackers to determine the frontmost app by leveraging access to a crafted background app.
nvd
CVE-2014-4378 | MEDIUM | CVSS 5.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4378 [MEDIUM] CWE-119: CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.
nvd
CVE-2014-4354 | MEDIUM | CVSS 5.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4354 [MEDIUM] CWE-264: Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.
nvd
CVE-2014-4423 | MEDIUM | CVSS 4.3 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4423 [MEDIUM] CWE-264: The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application.
nvd
CVE-2014-4368 | MEDIUM | CVSS 6.9 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4368 [MEDIUM] CWE-264: The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events.
nvd
CVE-2014-4374 | MEDIUM | CVSS 5.0 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4374 [MEDIUM]: NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
nvd
CVE-2014-4415 | MEDIUM | CVSS 6.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4415 [MEDIUM] CWE-119: WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
nvd
CVE-2014-4362 | MEDIUM | CVSS 5.0 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4362 [MEDIUM] CWE-200: The Sandbox Profiles implementation in Apple iOS before 8 does not properly restrict the third-party app sandbox profile, which allows attackers to obtain sensitive Apple ID information via a crafted app.
nvd
CVE-2014-4411 | MEDIUM | CVSS 6.8 | ≤ 7.1.2 | v7.0 | +8 more | 2014-09-18
CVE-2014-4411 [MEDIUM] CWE-119: WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
nvd