Sign-up

ID

VAR-201501-0625


CVE

CVE-2014-4480


TITLE

Apple iOS and Apple TV of AppleFileConduit of afc Vulnerable to directory traversal

Trust: 0.8

sources: JVNDB: JVNDB-2015-001274

DESCRIPTION

Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink. Multiple Apple products are prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect AppleFileConduit, Kernel, and WebKit components. Attackers can exploit these issues to bypass security restrictions, disclose information, and perform other attacks. Apple iOS is an operating system developed for mobile devices; Apple TV is a high-definition TV set-top box product. AppleFileConduit is a component for viewing system files in jailbroken iOS devices. An attacker could exploit this vulnerability with a malicious 'afc' command to gain access to a protected file system. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-2 iOS 8.1.3 iOS 8.1.3 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem Description: A vulnerability existed in the symbolic linking mechanism of afc. This issue was addressed by adding additional path checks. CVE-ID CVE-2014-4480 : TaiG Jailbreak Team CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4481 : Felipe Andres Manzano of the Binamuse VRT, via the iSIGHT Partners GVP Program dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute unsigned code Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes. CVE-ID CVE-2014-4455 : TaiG Jailbreak Team FontParser Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4483 : Apple FontParser Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted .dfont file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of .dfont files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4484 : Gaurav Baruah working with HP's Zero Day Initiative Foundation Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the XML parser. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4485 : Apple IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOAcceleratorFamily's handling of resource lists. This issue was addressed by removing unneeded code. CVE-ID CVE-2014-4486 : Ian Beer of Google Project Zero IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A buffer overflow existed in IOHIDFamily. This issue was addressed through improved size validation. CVE-ID CVE-2014-4487 : TaiG Jailbreak Team IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in IOHIDFamily's handling of resource queue metadata. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-4488 : Apple IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOHIDFamily's handling of event queues. This issue was addressed through improved validation. CVE-ID CVE-2014-4489 : @beist iTunes Store Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A website may be able to bypass sandbox restrictions using the iTunes Store Description: An issue existed in the handling of URLs redirected from Safari to the iTunes Store that could allow a malicious website to bypass Safari's sandbox restrictions. The issue was addressed with improved filtering of URLs opened by the iTunes Store. CVE-ID CVE-2014-8840 : lokihardt@ASRT working with HP's Zero Day Initiative Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel Description: An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them. CVE-ID CVE-2014-4491 : @PanguTeam, Stefan Esser Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An issue existed in the kernel shared memory subsystem that allowed an attacker to write to memory that was intended to be read-only. This issue was addressed with stricter checking of shared memory permissions. CVE-ID CVE-2014-4495 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel Description: The mach_port_kobject kernel interface leaked kernel addresses and heap permutation value, which may aid in bypassing address space layout randomization protection. This was addressed by disabling the mach_port_kobject interface in production configurations. CVE-ID CVE-2014-4496 : TaiG Jailbreak Team libnetcore Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious, sandboxed app can compromise the networkd daemon Description: Multiple type confusion issues existed in networkd's handling of interprocess communication. By sending a maliciously formatted message to networkd, it may have been possible to execute arbitrary code as the networkd process. The issue is addressed through additional type checking. CVE-ID CVE-2014-4492 : Ian Beer of Google Project Zero MobileInstallation Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious enterprise-signed application may be able to take control of the local container for applications already on a device Description: A vulnerability existed in the application installation process. This was addressed by preventing enterprise applications from overriding existing applications in specific scenarios. CVE-ID CVE-2014-4493 : Hui Xue and Tao Wei of FireEye, Inc. Springboard Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Enterprise-signed applications may be launched without prompting for trust Description: An issue existed in determining when to prompt for trust when first opening an enterprise-signed application. This issue was addressed through improved code signature validation. CVE-ID CVE-2014-4494 : Song Jin, Hui Xue, and Tao Wei of FireEye, Inc. WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: A UI spoofing issue existed in the handling of scrollbar boundaries. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4467 : Jordan Milne WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Style sheets are loaded cross-origin which may allow for data exfiltration Description: An SVG loaded in an img element could load a CSS file cross-origin. This issue was addressed through enhanced blocking of external CSS references in SVGs. CVE-ID CVE-2014-4465 : Rennie deGraaf of iSEC Partners WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2014-3192 : cloudfuzzer CVE-2014-4459 CVE-2014-4466 : Apple CVE-2014-4468 : Apple CVE-2014-4469 : Apple CVE-2014-4470 : Apple CVE-2014-4471 : Apple CVE-2014-4472 : Apple CVE-2014-4473 : Apple CVE-2014-4474 : Apple CVE-2014-4475 : Apple CVE-2014-4476 : Apple CVE-2014-4477 : lokihardt@ASRT working with HP's Zero Day Initiative CVE-2014-4479 : Apple Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "8.1.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iQIcBAEBAgAGBQJUx8umAAoJEBcWfLTuOo7tTskQAI5o4uXj16m90mQhSqUYG35F pCbUBiLJj4IWcgLsNDKgnhcmX6YOA+q7LnyCuU91K4DLybFZr5/OrxDU4/qCsKQb 8o6uRHdtfq6zrOrUgv+hKXP36Rf5v/zl/P9JViuJoKZXMQow6DYoTpCaUAUwp23z mrF3EwzZyxfT2ICWwPS7r8A9annIprGBZLJz1Yr7Ek90WILTg9RbgnI60IBfpLzn Bi4ej9FqV2HAy4S9Fad6jyB9E0rAsl6PRMPGKVvOa2o1/mLqiFGR06qyHwJ+ynj8 tTGcnVhiZVaiur807DY1hb6uB2oLFQXxHFYe3T17l3igM/iminMpWfcq/PmnIIwR IASrhc24qgUywOGK6FfVKdoh5KNgb3xK4X7U9YL9/eMwgT48a2qO6lLTfYdFfBCh wEzMAFEDpnkwOSw/s5Ry0eCY+p+DU0Kxr3Ter3zkNO0abf2yXjAtu4nHBk3I1t4P y8fM8vcWhPDTdfhIWp5Vwcs6sxCGXO1/w6Okuv4LlEDkSJ0Vm2AdhnE0TmhWW0BB w7XMGRYdUCYRbGIta1wciD8yR1xeAWGIOL9+tYROfK4jgPgFGNjtkhqMWNxLZwnR IEHZ2hYBhf3bWCtEDP5nZBV7jdUUdMxDzDX9AuPp67SXld2By+iMe8AYgu6EVhfY CfDJ+b9mxdd8GswiT3OO =j9pr -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2014-4480 // JVNDB: JVNDB-2015-001274 // BID: 72334 // VULHUB: VHN-72420 // PACKETSTORM: 130130 // PACKETSTORM: 130129

AFFECTED PRODUCTS

vendor:applemodel:tvosscope:lteversion:7.0.1

Trust: 1.0

vendor:applemodel:iphone osscope:lteversion:8.1.2

Trust: 1.0

vendor:applemodel:tvscope:ltversion:7.0.3 (apple tv first 3 after generation )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.1.3 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.1.3 (iphone 4s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:8.1.3 (ipod touch first 5 after generation )

Trust: 0.8

vendor:applemodel:iphone osscope:eqversion:8.1.2

Trust: 0.6

vendor:applemodel:tvscope:eqversion:7.0.2

Trust: 0.6

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.4

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:tvscope:eqversion:1.0

Trust: 0.3

sources: BID: 72334 // JVNDB: JVNDB-2015-001274 // CNNVD: CNNVD-201501-752 // NVD: CVE-2014-4480

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-4480
value: HIGH

Trust: 1.0

NVD: CVE-2014-4480
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201501-752
value: CRITICAL

Trust: 0.6

VULHUB: VHN-72420
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-4480
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-72420
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-72420 // JVNDB: JVNDB-2015-001274 // CNNVD: CNNVD-201501-752 // NVD: CVE-2014-4480

PROBLEMTYPE DATA

problemtype:CWE-59

Trust: 1.9

sources: VULHUB: VHN-72420 // JVNDB: JVNDB-2015-001274 // NVD: CVE-2014-4480

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201501-752

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-201501-752

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-001274

PATCH
title:APPLE-SA-2015-01-27-2url:http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html
Trust: 0.8
title:APPLE-SA-2015-01-27-1url:http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html
Trust: 0.8
title:HT204245url:http://support.apple.com/en-us/HT204245
Trust: 0.8
title:HT204246url:http://support.apple.com/en-us/HT204246
Trust: 0.8
title:HT204245url:http://support.apple.com/ja-jp/HT204245
Trust: 0.8
title:HT204246url:http://support.apple.com/ja-jp/HT204246
Trust: 0.8
title:osxupd10.10.2url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53587
Trust: 0.6
title:iPhone7,1_8.1.3_12B466_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53586
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-001274 // 
            
            
            
            CNNVD: CNNVD-201501-752

EXTERNAL IDS
db:NVDid:CVE-2014-4480
Trust: 3.0
db:BIDid:72334
Trust: 2.0
db:SECTRACKid:1031652
Trust: 1.7
db:JVNid:JVNVU96447236
Trust: 0.8
db:JVNDBid:JVNDB-2015-001274
Trust: 0.8
db:CNNVDid:CNNVD-201501-752
Trust: 0.7
db:VULHUBid:VHN-72420
Trust: 0.1
db:PACKETSTORMid:130130
Trust: 0.1
db:PACKETSTORMid:130129
Trust: 0.1
sources:
            
            
            VULHUB: VHN-72420 // 
            
            
            
            BID: 72334 // 
            
            
            
            JVNDB: JVNDB-2015-001274 // 
            
            
            
            PACKETSTORM: 130130 // 
            
            
            
            PACKETSTORM: 130129 // 
            
            
            
            CNNVD: CNNVD-201501-752 // 
            
            
            
            NVD: CVE-2014-4480

REFERENCES
url:http://lists.apple.com/archives/security-announce/2015/jan/msg00000.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2015/jan/msg00001.html
Trust: 1.7
url:http://www.securityfocus.com/bid/72334
Trust: 1.7
url:http://support.apple.com/ht204245
Trust: 1.7
url:http://support.apple.com/ht204246
Trust: 1.7
url:http://www.securitytracker.com/id/1031652
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4480
Trust: 0.8
url:http://jvn.jp/vu/jvnvu96447236/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4480
Trust: 0.8
url:http://www.apple.com/ios/
Trust: 0.3
url:https://www.apple.com/in/appletv/
Trust: 0.3
url:http://support.apple.com/kb/ht1222?viewlocale=en_us
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2014-4479
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4485
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4471
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4484
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4473
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4468
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4483
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4491
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4475
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4487
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4481
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4488
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4476
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4489
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4455
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4474
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-3192
Trust: 0.2
url:https://www.apple.com/support/security/pgp/
Trust: 0.2
url:https://support.apple.com/kb/ht1222
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4480
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4459
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4465
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4469
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4472
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4492
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4477
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4486
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4470
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-4466
Trust: 0.2
url:https://www.apple.com/itunes/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-4467
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-4495
Trust: 0.1
sources:
            
            
            VULHUB: VHN-72420 // 
            
            
            
            BID: 72334 // 
            
            
            
            JVNDB: JVNDB-2015-001274 // 
            
            
            
            PACKETSTORM: 130130 // 
            
            
            
            PACKETSTORM: 130129 // 
            
            
            
            CNNVD: CNNVD-201501-752 // 
            
            
            
            NVD: CVE-2014-4480

CREDITS
TaiG Jailbreak Team and Rennie deGraaf of iSEC Partners
Trust: 0.3
sources:
            
            
            BID: 72334

SOURCES
db:VULHUBid:VHN-72420
db:BIDid:72334
db:JVNDBid:JVNDB-2015-001274
db:PACKETSTORMid:130130
db:PACKETSTORMid:130129
db:CNNVDid:CNNVD-201501-752
db:NVDid:CVE-2014-4480

LAST UPDATE DATE
2025-04-13T21:13:15.610000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-72420date:2019-03-08T00:00:00
db:BIDid:72334date:2016-01-12T02:16:00
db:JVNDBid:JVNDB-2015-001274date:2015-02-12T00:00:00
db:CNNVDid:CNNVD-201501-752date:2019-03-13T00:00:00
db:NVDid:CVE-2014-4480date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-72420date:2015-01-30T00:00:00
db:BIDid:72334date:2015-01-27T00:00:00
db:JVNDBid:JVNDB-2015-001274date:2015-02-12T00:00:00
db:PACKETSTORMid:130130date:2015-01-28T00:30:44
db:PACKETSTORMid:130129date:2015-01-28T00:28:03
db:CNNVDid:CNNVD-201501-752date:2015-01-30T00:00:00
db:NVDid:CVE-2014-4480date:2015-01-30T11:59:12.860