Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.
http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html
http://secunia.com/advisories/61318
http://support.apple.com/kb/HT6441
http://support.apple.com/kb/HT6442
http://support.apple.com/kb/HT6443
http://www.securityfocus.com/bid/69882
http://www.securityfocus.com/bid/69931
OR
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.9.4 (inclusive)
OR
cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.0.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:7.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 7.1.2 (inclusive)
OR
cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:6.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:6.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:6.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:6.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to 6.2 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
77822 | Apple TV < 7 Multiple Vulnerabilities | Nessus | Misc. | high |
8394 | Mac OS X < 10.9.5 Multiple Vulnerabilities (Security Update 2014-004) | Nessus Network Monitor | Web Clients | critical |
8392 | Apple TV < 7 Multiple Vulnerabilities | Nessus Network Monitor | Internet Services | critical |
77749 | Mac OS X Multiple Vulnerabilities (Security Update 2014-004) | Nessus | MacOS X Local Security Checks | critical |
77748 | Mac OS X 10.9.x < 10.9.5 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical |
77745 | Apple iOS < 8 Multiple Vulnerabilities | Nessus | Mobile Devices | high |
8393 | Apple iOS < 8.0 Multiple Vulnerabilities | Nessus Network Monitor | Mobile Devices | high |