Main Vulnerability Database SB2014070111

SB2014070111 - Permissions, Privileges, and Access Controls in Apple tvOS

Published: July 1, 2014 Updated: August 10, 2020

Security Bulletin ID SB2014070111

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2014-1383)

The vulnerability allows a remote #AU# to read and manipulate data.

Apple TV before 6.1.2 allows remote authenticated users to bypass an intended password requirement for iTunes Store purchase transactions via unspecified vectors.

Remediation

Install update from vendor's website.

References

http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html
http://www.securitytracker.com/id/1030503