CVE-2014-1354

medium

Description

CoreGraphics in Apple iOS before 7.1.2 does not properly restrict allocation of stack memory for processing of XBM images, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image data.

References

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

http://www.securityfocus.com/bid/68276

http://www.securitytracker.com/id/1030500

Details

Source: MITRE

Published: 2014-07-01

Updated: 2017-01-07

Type: CWE-399

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM