CVE-2014-1354

Published: Jul 1, 2014Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

CoreGraphics in Apple iOS before 7.1.2 does not properly restrict allocation of stack memory for processing of XBM images, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image data.

Affected (9)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Up to 7.1.1
Apple Iphone Os	Version 7.0.1
Apple Iphone Os	Version 7.0.2
Apple Iphone Os	Version 7.0.3
Apple Iphone Os	Version 7.0.4
Apple Iphone Os	Version 7.0.5
Apple Iphone Os	Version 7.0.6
Apple Iphone Os	Version 7.0
Apple Iphone Os	Version 7.1

Related CWEs

CWE-399

References (6)

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: product-security@apple.com

http://www.securityfocus.com/bid/68276

Source: product-security@apple.com

http://www.securitytracker.com/id/1030500

Source: product-security@apple.com

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/68276

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030500

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.