what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

CVE-2014-4491

Status Candidate

Overview

The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.

Related Files

Apple Security Advisory 2015-01-27-4: Posted Jan 28, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-01-27-4 - OS X 10.10.2 and Security Update 2015-001 are now available and address information disclosure, arbitrary code execution, cache clearing, integer overflow, and various other vulnerabilities.; tags | advisory, overflow, arbitrary, vulnerability, code execution, info disclosure; systems | apple, osx; advisories | CVE-2011-2391, CVE-2014-1595, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-4371, CVE-2014-4389, CVE-2014-4419, CVE-2014-4420, CVE-2014-4421, CVE-2014-4426, CVE-2014-4460, CVE-2014-4461, CVE-2014-4481, CVE-2014-4483, CVE-2014-4484, CVE-2014-4485, CVE-2014-4486, CVE-2014-4487, CVE-2014-4488, CVE-2014-4489, CVE-2014-4491, CVE-2014-4492, CVE-2014-4495, CVE-2014-4497, CVE-2014-4498, CVE-2014-4499, CVE-2014-6277; SHA-256 | 434e3bbf065d6ff22de4e7b85d71ce11a7811880de29f04e6a58af05a3e46a97; Download | Favorite | View

Apple Security Advisory 2015-01-27-2: Posted Jan 28, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-01-27-2 - iOS 8.1.3 is now available and addresses access bypass, arbitrary code execution, denial of service, and various other vulnerabilities.; tags | advisory, denial of service, arbitrary, vulnerability, code execution; systems | cisco, apple, ios; advisories | CVE-2014-3192, CVE-2014-4455, CVE-2014-4459, CVE-2014-4465, CVE-2014-4466, CVE-2014-4467, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475, CVE-2014-4476, CVE-2014-4477, CVE-2014-4479, CVE-2014-4480, CVE-2014-4481, CVE-2014-4483, CVE-2014-4484, CVE-2014-4485, CVE-2014-4486, CVE-2014-4487, CVE-2014-4488, CVE-2014-4489, CVE-2014-4491, CVE-2014-4492; SHA-256 | 7d9920a6997e5e7bb8e01611c7dce2b7e3e242c90d9a5c4edeb5181b8c7b8cf1; Download | Favorite | View

Apple Security Advisory 2015-01-27-1: Posted Jan 28, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-01-27-1 - Apple TV 7.0.3 is now available and addresses arbitrary code execution, access bypass, unsigned code execution, information disclosure, and various other vulnerabilities.; tags | advisory, arbitrary, vulnerability, code execution, info disclosure; systems | apple; advisories | CVE-2014-3192, CVE-2014-4455, CVE-2014-4459, CVE-2014-4465, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475, CVE-2014-4476, CVE-2014-4477, CVE-2014-4479, CVE-2014-4480, CVE-2014-4481, CVE-2014-4483, CVE-2014-4484, CVE-2014-4485, CVE-2014-4486, CVE-2014-4487, CVE-2014-4488, CVE-2014-4489, CVE-2014-4491, CVE-2014-4492, CVE-2014-4495; SHA-256 | 5ccfb0bf060b8bfce712b760bdd4bdcf5bc236994aba26bbfdd77d093c7ee7bb; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 93 files
Gentoo 31 files
Debian 21 files
tmrswrr 9 files
Sina Kheirkhah 7 files
bRpsd 4 files
Amit Roy 4 files
Aslam Anwar Mahimkar 3 files
nu11secur1ty 3 files

File Tags

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,075)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,322)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,252)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,647)
UNIX (9,424)
UnixWare (187)
Windows (6,665)
Other

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec