Tvos
CVE-2014-1287
HIGH
Severity by source
AV:L/AC:L/Au:N/C:C/I:C/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:L/Au:N/C:C/I:C/A:C
Lifecycle Timeline
1DescriptionCVE.org
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
AnalysisAI
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages. Affected products include: Apple Tvos, Apple Iphone Os. Version information: before 7.1.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authenticati
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01
WebKit memory corruption in Safari 18.6 and multiple Apple platforms allows remote code execution when processing malici
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrar
An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is low attack comp
An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authenticati
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor repo
An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploi
An issue was discovered in certain Apple products. Rated critical severity (CVSS 9.8), this vulnerability is remotely ex
An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploi
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attacke
An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploi
Same weakness CWE-119 – Buffer Overflow
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today