CVE-2014-4389
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0148 (1.5%)
Percentile: 81.1%
EPSS: 2026-05-06
Affects
apple:iphone_osapple:tvosapple:mac_os_xTechnical description
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
Published: 9/18/2014, 10:55:09 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
- http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html
- http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
- http://support.apple.com/HT204244
- http://support.apple.com/kb/HT6441
- http://support.apple.com/kb/HT6442
- http://support.apple.com/kb/HT6443
- http://www.securityfocus.com/bid/69882