To Customer Support To Customer Support

iOS 7_1 exploit for CVE-2014-4377 critical flaw publicly available

  • 23 September 2014
  • 1 reply
  • 169 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
by Pierluigi Paganini on September 23rd, 2014 http://securityaffairs.co/wordpress/wp-content/uploads/2014/09/ios7-300x133.jpg  

Users which haven’t upgraded their systems to the Apple iOS 8 could be victims of a new iOS 7.1 exploit targeting the CVE-2014-4377 vulnerability.

Security experts at Binamuse firm have discovered the availability online of the exploit kit which targets the vulnerability coded CVE-2014-4377, a memory corruption issue in iOS’s core graphics library. The exploitation of CVE-2014-4377 could allow a threat actor to deliver a malformed PDF through the Safari Browser and get victim to execute an arbitrary code which allow the attacker to gain complete control of the victim’s device.
The list of devices potentially affected by the CVE-2014-4377 flaw is long, iPhone, iPad or iPod Touch that are still running iOS 7.1.x or its jail broken are affected by the vulnerability. The vulnerability also affects Apple TV version below 7.
 
Full Article

1 reply

R
Rank
Userlevel 7
Ok flaws...................Apple and the rest of the developers are pushing out these IPad's and IPod's by the thousands with little or no concern on security flaws.....but money talks........

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.