CVE-2014-4489

Published Jan 30, 2015

Last updated 6 years ago

Overview

Description
IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly initialize event queues, which allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
Source
product-security@apple.com
NVD status
Analyzed

Risk scores

CVSS 2.0

Type
Primary
Base score
10
Impact score
10
Exploitability score
10
Vector string
AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov
NVD-CWE-Other

Social media

Hype score
Not currently trending

Evaluator

Comment
<a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
Impact
-
Solution
-

Configurations