IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages "type confusion" during serialized-object handling.
Base Score: 9.3
Impact Score: 10
Exploitability Score: 8.6
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to 7.0.3 (inclusive)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 8.1.3 (inclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.10.2 (inclusive)
View all (7 total)