Sign-up

ID

VAR-201410-1078


CVE

CVE-2014-4443


TITLE

Apple OS X Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-004883

DESCRIPTION

Apple OS X before 10.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted ASN.1 data. Apple Mac OS X is prone to a remote denial-of-service vulnerability. A remote attacker can leverage this issue to crash the affected application, denying service to legitimate users

Trust: 1.98

sources: NVD: CVE-2014-4443 // JVNDB: JVNDB-2014-004883 // BID: 70625 // VULHUB: VHN-72383

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.9.5

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.10

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.9.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.3

Trust: 0.3

vendor:cosmicperlmodel:directory proscope:eqversion:10.0.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.03

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.11

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1

Trust: 0.3

sources: BID: 70625 // JVNDB: JVNDB-2014-004883 // CNNVD: CNNVD-201410-621 // NVD: CVE-2014-4443

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-4443
value: HIGH

Trust: 1.0

NVD: CVE-2014-4443
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201410-621
value: HIGH

Trust: 0.6

VULHUB: VHN-72383
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-4443
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2014-4443
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-72383
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-72383 // JVNDB: JVNDB-2014-004883 // CNNVD: CNNVD-201410-621 // NVD: CVE-2014-4443

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-72383 // JVNDB: JVNDB-2014-004883 // NVD: CVE-2014-4443

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-621

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201410-621

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-004883

PATCH
title:HT6535url:http://support.apple.com/kb/HT6535
Trust: 0.8
title:HT6535url:http://support.apple.com/kb/HT6535?viewlocale=ja_JP
Trust: 0.8
title:OS X Yosemite 10.10 MAS 14A389( Official version of the full firmware )url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52113
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2014-004883 // 
            
            
            
            CNNVD: CNNVD-201410-621

EXTERNAL IDS
db:NVDid:CVE-2014-4443
Trust: 2.8
db:BIDid:70625
Trust: 1.4
db:SECTRACKid:1031063
Trust: 1.1
db:JVNid:JVNVU97537282
Trust: 0.8
db:JVNDBid:JVNDB-2014-004883
Trust: 0.8
db:CNNVDid:CNNVD-201410-621
Trust: 0.7
db:VULHUBid:VHN-72383
Trust: 0.1
sources:
            
            
            VULHUB: VHN-72383 // 
            
            
            
            BID: 70625 // 
            
            
            
            JVNDB: JVNDB-2014-004883 // 
            
            
            
            CNNVD: CNNVD-201410-621 // 
            
            
            
            NVD: CVE-2014-4443

REFERENCES
url:http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
Trust: 2.5
url:https://support.apple.com/kb/ht6535
Trust: 1.7
url:http://www.securityfocus.com/bid/70625
Trust: 1.1
url:http://www.securitytracker.com/id/1031063
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/97624
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4443
Trust: 0.8
url:http://jvn.jp/vu/jvnvu97537282/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4443
Trust: 0.8
url:http://www.apple.com/macosx/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-72383 // 
            
            
            
            BID: 70625 // 
            
            
            
            JVNDB: JVNDB-2014-004883 // 
            
            
            
            CNNVD: CNNVD-201410-621 // 
            
            
            
            NVD: CVE-2014-4443

CREDITS
Coverity
Trust: 0.3
sources:
            
            
            BID: 70625

SOURCES
db:VULHUBid:VHN-72383
db:BIDid:70625
db:JVNDBid:JVNDB-2014-004883
db:CNNVDid:CNNVD-201410-621
db:NVDid:CVE-2014-4443

LAST UPDATE DATE
2025-04-13T22:48:37.736000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-72383date:2017-08-29T00:00:00
db:BIDid:70625date:2014-10-21T18:02:00
db:JVNDBid:JVNDB-2014-004883date:2014-10-22T00:00:00
db:CNNVDid:CNNVD-201410-621date:2014-10-22T00:00:00
db:NVDid:CVE-2014-4443date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-72383date:2014-10-18T00:00:00
db:BIDid:70625date:2014-10-16T00:00:00
db:JVNDBid:JVNDB-2014-004883date:2014-10-22T00:00:00
db:CNNVDid:CNNVD-201410-621date:2014-10-22T00:00:00
db:NVDid:CVE-2014-4443date:2014-10-18T01:55:13.887