Details of VAR-201409-0464

ID

VAR-201409-0464

CVE

CVE-2014-4423

TITLE

Apple iOS of Accounts Vulnerabilities that bypass the sandbox protection mechanism in the subsystem

Trust: 0.8

sources: JVNDB: JVNDB-2014-004333

DESCRIPTION

The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application. Apple iOS and TV are prone to multiple security vulnerabilities. These issues affect the following components: 802.1X, Accounts, Accessibility, Accounts Framework, Address Book, App Installation, Assets, Bluetooth, CoreGraphics, Foundation, Home & Lock Screen, iMessage, IOAcceleratorFamily, IOAcceleratorFamily, IOHIDFamily, IOHIDFamily, IOKit, Kernel, Libnotify, Mail, Profiles, Safari, Sandbox Profiles, syslog and WebKit components. Successfully exploiting these issues may allow attackers to crash the affected device, bypass security restrictions, obtain sensitive information, or execute arbitrary code. Other attacks are also possible. This BID is being retired. The following individual records exist to better document the issues: 69913 Apple iOS and TV CVE-2014-4364 Spoofing Vulnerability 69917 Apple iOS CVE-2014-4423 Information Disclosure Vulnerability 69926 Apple iOS Lock Screen CVE-2014-4368 Security Bypass Vulnerability 69930 Apple iOS and TV CVE-2014-4357 Local Information Disclosure Security Vulnerability 69932 Apple iOS CVE-2014-4352 Local Information Disclosure Security Vulnerability 69936 Apple iOS CVE-2014-4386 Local Privilege Escalation Vulnerability 69940 Apple iOS CVE-2014-4384 Local Privilege Escalation Vulnerability 69941 Apple iOS and TV CVE-2014-4383 Security Bypass Vulnerability 69943 Apple iOS CVE-2014-4354 Unspecified Security Vulnerability 69903 Multiple Apple Products CVE-2014-4377 PDF Handling Integer Overflow Vulnerability 69915 Apple TV/Mac OS X/iOS CVE-2014-4378 Out of Bounds Read Memory Corruption Vulnerability 69905 Apple Mac OS X and iOS CVE-2014-4374 XML External Entity Information Disclosure Vulnerability 69921 Apple TV/Mac OS X/iOS CVE-2014-4379 Out of Bounds Read Memory Corruption Vulnerability 69929 Apple TV and iOS CVE-2014-4369 NULL Pointer Dereference Denial of Service Vulnerability 69934 Apple TV and iOS CVE-2014-4373 NULL Pointer Dereference Denial of Service Vulnerability 69938 Apple TV and iOS CVE-2014-4405 NULL Pointer Dereference Remote Code Execution Vulnerability 69942 Apple TV and iOS CVE-2014-4380 Out of Bounds Read Write Remote Code Execution Vulnerability 69947 Apple TV and iOS CVE-2014-4404 Heap Based Buffer Overflow Vulnerability 69949 Apple iOS CVE-2014-4361 Security Bypass Vulnerability 69951 Apple iOS CVE-2014-4353 Race Condition Local Information Disclosure Vulnerability 69912 Apple iOS and TV CVE-2014-4407 Information Disclosure Security Vulnerability 69919 Apple iOS and TV CVE-2014-4371 Unspecified Security Vulnerability 69924 Apple iOS and TV CVE-2014-4421 Unspecified Security Vulnerability 69927 Apple iOS and TV CVE-2014-4420 Unspecified Security Vulnerability 69928 Apple iOS and TV CVE-2014-4419 Unspecified Security Vulnerability 69939 Apple iOS and TV CVE-2014-4408 Out of Bounds Read Local Memory Corruption Vulnerability 69944 Apple iOS and TV CVE-2014-4375 Local Memory Corruption Vulnerability 69946 Apple iOS and TV CVE-2014-4418 Remote Code Execution Vulnerability 69948 Apple TV/Mac OS X/iOS CVE-2014-4388 Remote Code Execution Vulnerability 69950 Apple TV/Mac OS X/iOS CVE-2014-4389 Integer Buffer Overflow Vulnerability 69937 WebKit Private Browsing CVE-2014-4409 Security Bypass Vulnerability 69911 Apple iOS and TV CVE-2014-4422 Security Bypass Vulnerability 69931 Apple TV/Mac OS X/iOS CVE-2014-4381 Arbitrary Code Execution Vulnerability 69914 Apple iOS CVE-2014-4366 Information Disclosure Vulnerability 69945 Apple iOS CVE-2014-4367 Security Vulnerability 69920 Apple iOS CVE-2014-4362 Information Disclosure Vulnerability 69922 Apple iOS CVE-2014-4356 Local Information Disclosure Vulnerability 69923 Apple iOS and TV CVE-2014-4372 Local Security Bypass Vulnerability 69937 WebKit Private Browsing CVE-2014-4409 Security Bypass Vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks

Trust: 2.25

sources: NVD: CVE-2014-4423 // JVNDB: JVNDB-2014-004333 // BID: 69882 // BID: 69917 // VULHUB: VHN-72363

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	eq	version:	7.0	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.1.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.4	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.6	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.5	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.3	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	lte	version:	7.1.2	Trust: 1.0
vendor:	apple	model:	ios	scope:	lt	version:	8 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	8 (iphone 4s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	8 (ipod touch first 5 after generation )	Trust: 0.8
vendor:	apple	model:	tv	scope:	eq	version:	2.1	Trust: 0.6
vendor:	apple	model:	tv	scope:	eq	version:	1.0	Trust: 0.6
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.6
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.6
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.1.2	Trust: 0.6
vendor:	apple	model:	tv	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.4	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios for developer	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios beta	scope:	eq	version:	64	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios beta	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	8	Trust: 0.3

sources: BID: 69882 // BID: 69917 // JVNDB: JVNDB-2014-004333 // CNNVD: CNNVD-201409-650 // NVD: CVE-2014-4423

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-4423
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-4423
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201409-650
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-72363
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-4423
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-72363
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-72363 // JVNDB: JVNDB-2014-004333 // CNNVD: CNNVD-201409-650 // NVD: CVE-2014-4423

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-72363 // JVNDB: JVNDB-2014-004333 // NVD: CVE-2014-4423

THREAT TYPE

network

Trust: 0.6

sources: BID: 69882 // BID: 69917

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201409-650

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004333

PATCH

title:	HT6441	url:	http://support.apple.com/kb/HT6441	Trust: 0.8
title:	HT6441	url:	http://support.apple.com/kb/HT6441?viewlocale=ja_JP	Trust: 0.8
title:	AppleTV3,2_7.0_12A365b_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51554	Trust: 0.6
title:	iPhone7,2_8.0_12A365_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51553	Trust: 0.6

sources: JVNDB: JVNDB-2014-004333 // CNNVD: CNNVD-201409-650

EXTERNAL IDS

db:	NVD	id:	CVE-2014-4423	Trust: 2.8
db:	BID	id:	69882	Trust: 1.4
db:	BID	id:	69917	Trust: 1.4
db:	SECTRACK	id:	1030866	Trust: 1.1
db:	JVN	id:	JVNVU93868849	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-004333	Trust: 0.8
db:	CNNVD	id:	CNNVD-201409-650	Trust: 0.7
db:	VULHUB	id:	VHN-72363	Trust: 0.1

sources: VULHUB: VHN-72363 // BID: 69882 // BID: 69917 // JVNDB: JVNDB-2014-004333 // CNNVD: CNNVD-201409-650 // NVD: CVE-2014-4423

REFERENCES

url:	http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html	Trust: 2.5
url:	http://www.securityfocus.com/bid/69882	Trust: 1.1
url:	http://www.securityfocus.com/bid/69917	Trust: 1.1
url:	http://support.apple.com/kb/ht6441	Trust: 1.1
url:	http://www.securitytracker.com/id/1030866	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/96099	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4423	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu93868849/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4423	Trust: 0.8
url:	http://www.apple.com/iphone/softwareupdate/	Trust: 0.3
url:	http://www.apple.com/ipad/	Trust: 0.3
url:	http://www.apple.com/iphone/	Trust: 0.3
url:	http://www.apple.com/ipodtouch/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3

sources: VULHUB: VHN-72363 // BID: 69882 // BID: 69917 // JVNDB: JVNDB-2014-004333 // CNNVD: CNNVD-201409-650 // NVD: CVE-2014-4423

CREDITS

Pieter Robyns, Bram Bonne, Peter Quax, and Wim Lamotte, Adam Weaver, Hendrik Bettermann, Heli Myllykoski, Jonathan Zdziarski, evad3rs, Raul Siles of DinoSec, Maneet Singh, Sean Bluestein, Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partne

Trust: 0.3

sources: BID: 69882

SOURCES

db:	VULHUB	id:	VHN-72363
db:	BID	id:	69882
db:	BID	id:	69917
db:	JVNDB	id:	JVNDB-2014-004333
db:	CNNVD	id:	CNNVD-201409-650
db:	NVD	id:	CVE-2014-4423

LAST UPDATE DATE

2025-04-13T20:21:38.230000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-72363	date:	2017-08-29T00:00:00
db:	BID	id:	69882	date:	2014-09-23T00:01:00
db:	BID	id:	69917	date:	2014-09-17T00:00:00
db:	JVNDB	id:	JVNDB-2014-004333	date:	2014-09-22T00:00:00
db:	CNNVD	id:	CNNVD-201409-650	date:	2014-09-19T00:00:00
db:	NVD	id:	CVE-2014-4423	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-72363	date:	2014-09-18T00:00:00
db:	BID	id:	69882	date:	2014-09-17T00:00:00
db:	BID	id:	69917	date:	2014-09-17T00:00:00
db:	JVNDB	id:	JVNDB-2014-004333	date:	2014-09-22T00:00:00
db:	CNNVD	id:	CNNVD-201409-650	date:	2014-09-19T00:00:00
db:	NVD	id:	CVE-2014-4423	date:	2014-09-18T10:55:10.593