Total vulnerabilities in the database
The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.
| Software | From | Fixed in |
|---|---|---|
| apple / mac_os_x | - | 10.10.1.x |
| apple / iphone_os | - | 8.1.2.x |
| apple / tvos | - | 7.0.1.x |