CVE-2014-8611

Current Description

The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.

Basic Data

Published: September 18, 2015
Last Modified: April 06, 2016
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-119
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 6.9
Severity: MEDIUM
Exploitability Score: 3.4
Impact Score: 10.0
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | OS | Apple | Iphone Os | * | * | * | * | * | * | * | * | | 8.4.1 | |
  • OR - Configuration 2
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | OS | Freebsd | Freebsd | 10.1 | * | * | * | * | * | * | * | | | |
  • OR - Configuration 3
    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | OS | Apple | Mac Os X | * | * | * | * | * | * | * | * | | 10.10.5 | |

Vulnerable Software List

Vendor | Product | Versions
Apple | Iphone Os | *
Apple | Mac Os X | *
Freebsd | Freebsd | 10.1

References

Name | Source | URL | Tags
APPLE-SA-2015-09-16-1 | APPLE | http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html | Vendor Advisory
APPLE-SA-2015-09-30-3 | APPLE | http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html | Vendor Advisory
https://support.apple.com/HT205212 | CONFIRM | https://support.apple.com/HT205212 | Vendor Advisory
https://support.apple.com/HT205267 | CONFIRM | https://support.apple.com/HT205267 | Vendor Advisory
https://svnweb.freebsd.org/base?view=revision&revision=275665 | CONFIRM | https://svnweb.freebsd.org/base?view=revision&revision=275665 |
FreeBSD-SA-14:27 | FREEBSD | https://www.freebsd.org/security/advisories/FreeBSD-SA-14:27.stdio.asc | Vendor Advisory