Sign-up

ID

VAR-201409-0471


CVE

CVE-2014-4384


TITLE

Apple iOS Directory traversal vulnerability in the application installation function

Trust: 0.8

sources: JVNDB: JVNDB-2014-004311

DESCRIPTION

Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle. Apple iOS and TV are prone to multiple security vulnerabilities. These issues affect the following components: 802.1X, Accounts, Accessibility, Accounts Framework, Address Book, App Installation, Assets, Bluetooth, CoreGraphics, Foundation, Home & Lock Screen, iMessage, IOAcceleratorFamily, IOAcceleratorFamily, IOHIDFamily, IOHIDFamily, IOKit, Kernel, Libnotify, Mail, Profiles, Safari, Sandbox Profiles, syslog and WebKit components. Successfully exploiting these issues may allow attackers to crash the affected device, bypass security restrictions, obtain sensitive information, or execute arbitrary code. Other attacks are also possible. This BID is being retired. The following individual records exist to better document the issues: 69913 Apple iOS and TV CVE-2014-4364 Spoofing Vulnerability 69917 Apple iOS CVE-2014-4423 Information Disclosure Vulnerability 69926 Apple iOS Lock Screen CVE-2014-4368 Security Bypass Vulnerability 69930 Apple iOS and TV CVE-2014-4357 Local Information Disclosure Security Vulnerability 69932 Apple iOS CVE-2014-4352 Local Information Disclosure Security Vulnerability 69936 Apple iOS CVE-2014-4386 Local Privilege Escalation Vulnerability 69940 Apple iOS CVE-2014-4384 Local Privilege Escalation Vulnerability 69941 Apple iOS and TV CVE-2014-4383 Security Bypass Vulnerability 69943 Apple iOS CVE-2014-4354 Unspecified Security Vulnerability 69903 Multiple Apple Products CVE-2014-4377 PDF Handling Integer Overflow Vulnerability 69915 Apple TV/Mac OS X/iOS CVE-2014-4378 Out of Bounds Read Memory Corruption Vulnerability 69905 Apple Mac OS X and iOS CVE-2014-4374 XML External Entity Information Disclosure Vulnerability 69921 Apple TV/Mac OS X/iOS CVE-2014-4379 Out of Bounds Read Memory Corruption Vulnerability 69929 Apple TV and iOS CVE-2014-4369 NULL Pointer Dereference Denial of Service Vulnerability 69934 Apple TV and iOS CVE-2014-4373 NULL Pointer Dereference Denial of Service Vulnerability 69938 Apple TV and iOS CVE-2014-4405 NULL Pointer Dereference Remote Code Execution Vulnerability 69942 Apple TV and iOS CVE-2014-4380 Out of Bounds Read Write Remote Code Execution Vulnerability 69947 Apple TV and iOS CVE-2014-4404 Heap Based Buffer Overflow Vulnerability 69949 Apple iOS CVE-2014-4361 Security Bypass Vulnerability 69951 Apple iOS CVE-2014-4353 Race Condition Local Information Disclosure Vulnerability 69912 Apple iOS and TV CVE-2014-4407 Information Disclosure Security Vulnerability 69919 Apple iOS and TV CVE-2014-4371 Unspecified Security Vulnerability 69924 Apple iOS and TV CVE-2014-4421 Unspecified Security Vulnerability 69927 Apple iOS and TV CVE-2014-4420 Unspecified Security Vulnerability 69928 Apple iOS and TV CVE-2014-4419 Unspecified Security Vulnerability 69939 Apple iOS and TV CVE-2014-4408 Out of Bounds Read Local Memory Corruption Vulnerability 69944 Apple iOS and TV CVE-2014-4375 Local Memory Corruption Vulnerability 69946 Apple iOS and TV CVE-2014-4418 Remote Code Execution Vulnerability 69948 Apple TV/Mac OS X/iOS CVE-2014-4388 Remote Code Execution Vulnerability 69950 Apple TV/Mac OS X/iOS CVE-2014-4389 Integer Buffer Overflow Vulnerability 69937 WebKit Private Browsing CVE-2014-4409 Security Bypass Vulnerability 69911 Apple iOS and TV CVE-2014-4422 Security Bypass Vulnerability 69931 Apple TV/Mac OS X/iOS CVE-2014-4381 Arbitrary Code Execution Vulnerability 69914 Apple iOS CVE-2014-4366 Information Disclosure Vulnerability 69945 Apple iOS CVE-2014-4367 Security Vulnerability 69920 Apple iOS CVE-2014-4362 Information Disclosure Vulnerability 69922 Apple iOS CVE-2014-4356 Local Information Disclosure Vulnerability 69923 Apple iOS and TV CVE-2014-4372 Local Security Bypass Vulnerability 69937 WebKit Private Browsing CVE-2014-4409 Security Bypass Vulnerability. Successfully exploiting this issue can allow attackers to elevate privileges and and install unverified applications. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. A local attacker could exploit this vulnerability to install unauthenticated applications

Trust: 2.25

sources: NVD: CVE-2014-4384 // JVNDB: JVNDB-2014-004311 // BID: 69882 // BID: 69940 // VULHUB: VHN-72324

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:eqversion:7.0

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.1.1

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.0.4

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.0.6

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.0.5

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.1

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.0.1

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.0.2

Trust: 1.6

vendor:applemodel:iphone osscope:eqversion:7.0.3

Trust: 1.6

vendor:applemodel:iphone osscope:lteversion:7.1.2

Trust: 1.0

vendor:applemodel:iosscope:ltversion:8 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8 (iphone 4s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8 (ipod touch first 5 after generation )

Trust: 0.8

vendor:applemodel:tvscope:eqversion:2.1

Trust: 0.6

vendor:applemodel:tvscope:eqversion:1.0

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.6

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.6

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.6

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:5

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:4

Trust: 0.6

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.6

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.6

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.6

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:7.1.2

Trust: 0.6

vendor:applemodel:tvscope:eqversion:2.2

Trust: 0.3

vendor:applemodel:tvscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:1.1

Trust: 0.3

vendor:applemodel:tvscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.4

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.0

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:4.2

Trust: 0.3

sources: BID: 69882 // BID: 69940 // JVNDB: JVNDB-2014-004311 // CNNVD: CNNVD-201409-630 // NVD: CVE-2014-4384

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-4384
value: LOW

Trust: 1.0

NVD: CVE-2014-4384
value: LOW

Trust: 0.8

CNNVD: CNNVD-201409-630
value: LOW

Trust: 0.6

VULHUB: VHN-72324
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2014-4384
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-72324
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-72324 // JVNDB: JVNDB-2014-004311 // CNNVD: CNNVD-201409-630 // NVD: CVE-2014-4384

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

sources: VULHUB: VHN-72324 // JVNDB: JVNDB-2014-004311 // NVD: CVE-2014-4384

THREAT TYPE

local

Trust: 0.9

sources: BID: 69940 // CNNVD: CNNVD-201409-630

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201409-630

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-004311

PATCH
title:HT6441url:http://support.apple.com/kb/HT6441
Trust: 0.8
title:HT6441url:http://support.apple.com/kb/HT6441?viewlocale=ja_JP
Trust: 0.8
title:AppleTV3,2_7.0_12A365b_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51554
Trust: 0.6
title:iPhone7,2_8.0_12A365_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51553
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2014-004311 // 
            
            
            
            CNNVD: CNNVD-201409-630

EXTERNAL IDS
db:NVDid:CVE-2014-4384
Trust: 2.8
db:BIDid:69882
Trust: 1.4
db:BIDid:69940
Trust: 1.4
db:SECTRACKid:1030866
Trust: 1.1
db:JVNid:JVNVU93868849
Trust: 0.8
db:JVNDBid:JVNDB-2014-004311
Trust: 0.8
db:CNNVDid:CNNVD-201409-630
Trust: 0.6
db:VULHUBid:VHN-72324
Trust: 0.1
sources:
            
            
            VULHUB: VHN-72324 // 
            
            
            
            BID: 69882 // 
            
            
            
            BID: 69940 // 
            
            
            
            JVNDB: JVNDB-2014-004311 // 
            
            
            
            CNNVD: CNNVD-201409-630 // 
            
            
            
            NVD: CVE-2014-4384

REFERENCES
url:http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
Trust: 2.5
url:http://www.securityfocus.com/bid/69882
Trust: 1.1
url:http://www.securityfocus.com/bid/69940
Trust: 1.1
url:http://support.apple.com/kb/ht6441
Trust: 1.1
url:http://www.securitytracker.com/id/1030866
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/96087
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4384
Trust: 0.8
url:http://jvn.jp/vu/jvnvu93868849/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4384
Trust: 0.8
url:http://www.apple.com/iphone/softwareupdate/
Trust: 0.6
url:http://www.apple.com/iphone/
Trust: 0.6
url:http://www.apple.com/ipodtouch/
Trust: 0.6
url:http://www.apple.com/ipad/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-72324 // 
            
            
            
            BID: 69882 // 
            
            
            
            BID: 69940 // 
            
            
            
            JVNDB: JVNDB-2014-004311 // 
            
            
            
            CNNVD: CNNVD-201409-630 // 
            
            
            
            NVD: CVE-2014-4384

CREDITS
Pieter Robyns, Bram Bonne, Peter Quax, and Wim Lamotte, Adam Weaver, Hendrik Bettermann, Heli Myllykoski, Jonathan Zdziarski, evad3rs, Raul Siles of DinoSec, Maneet Singh, Sean Bluestein, Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partne
Trust: 0.3
sources:
            
            
            BID: 69882

SOURCES
db:VULHUBid:VHN-72324
db:BIDid:69882
db:BIDid:69940
db:JVNDBid:JVNDB-2014-004311
db:CNNVDid:CNNVD-201409-630
db:NVDid:CVE-2014-4384

LAST UPDATE DATE
2025-04-13T21:42:17.216000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-72324date:2017-08-29T00:00:00
db:BIDid:69882date:2014-09-23T00:01:00
db:BIDid:69940date:2015-03-19T08:10:00
db:JVNDBid:JVNDB-2014-004311date:2014-09-22T00:00:00
db:CNNVDid:CNNVD-201409-630date:2014-09-22T00:00:00
db:NVDid:CVE-2014-4384date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-72324date:2014-09-18T00:00:00
db:BIDid:69882date:2014-09-17T00:00:00
db:BIDid:69940date:2014-09-17T00:00:00
db:JVNDBid:JVNDB-2014-004311date:2014-09-22T00:00:00
db:CNNVDid:CNNVD-201409-630date:2014-09-22T00:00:00
db:NVDid:CVE-2014-4384date:2014-09-18T10:55:09.657