CVE-2014-1320

IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.

Published: Apr 23, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-1320
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:C/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
apple / mac_os_x	10.9	10.9.x
apple / mac_os_x	10.9.1	10.9.1.x
apple / mac_os_x	-	10.9.2.x
apple / iphone_os	7.0.4	7.0.4.x
apple / iphone_os	-	7.1.x
apple / iphone_os	7.0.5	7.0.5.x
apple / iphone_os	7.0.6	7.0.6.x
apple / iphone_os	7.0.1	7.0.1.x
apple / iphone_os	7.0.2	7.0.2.x
apple / iphone_os	7.0	7.0.x
apple / iphone_os	7.0.3	7.0.3.x
apple / tvos	6.0	6.0.x
apple / tvos	6.0.1	6.0.1.x
apple / tvos	6.0.2	6.0.2.x
apple / tvos	-	6.1.x

http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html

Vulnerability Database

289,697

CVE-2014-1320