U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2014-4459

Change History

Modified Analysis by NIST 7/16/2019 8:22:39 AM

Action Type Old Value New Value
Changed CPE Configuration 
OR
     *cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:* versions up to (including) 12.1
 
OR
     *cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:* versions up to (excluding) 12.2
Changed CPE Configuration 
OR
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (including) 6.2.0
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (including) 7.1.0
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to (including) 8.0.0
 
OR
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions from (including) 6.0 up to (excluding) 6.2.1
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions from (including) 7.0 up to (excluding) 7.1.1
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions from (including) 8.0 up to (excluding) 8.0.1
Changed CPE Configuration 
OR
     *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (including) 8.1.2
 
OR
     *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (excluding) 8.1.3
Changed CPE Configuration 
OR
     *cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.7.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.7.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.7.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.7.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.8.5:supplemental_update:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.9.3:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.9.4:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (including) 10.10.0
 
OR
     *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (excluding) 10.10.1
Changed CPE Configuration 
OR
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to (including) 7.0.1
 
OR
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to (excluding) 7.0.3
Changed Reference Type 
http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html Vendor Advisory
 
http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html Mailing List, Vendor Advisory
Changed Reference Type 
http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html Vendor Advisory
 
http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html Mailing List, Vendor Advisory
Changed Reference Type 
http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html Vendor Advisory
 
http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html Mailing List, Vendor Advisory
Changed Reference Type 
http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html No Types Assigned
 
http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html Mailing List, Vendor Advisory
Changed Reference Type 
http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html No Types Assigned
 
http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html Mailing List, Vendor Advisory
Changed Reference Type 
http://secunia.com/advisories/62503 No Types Assigned
 
http://secunia.com/advisories/62503 Third Party Advisory
Changed Reference Type 
http://www.securityfocus.com/bid/71144 No Types Assigned
 
http://www.securityfocus.com/bid/71144 Third Party Advisory, VDB Entry
Changed Reference Type 
http://www.securitytracker.com/id/1031230 No Types Assigned
 
http://www.securitytracker.com/id/1031230 Third Party Advisory, VDB Entry
Changed Reference Type 
https://exchange.xforce.ibmcloud.com/vulnerabilities/98784 No Types Assigned
 
https://exchange.xforce.ibmcloud.com/vulnerabilities/98784 Third Party Advisory, VDB Entry
Changed Reference Type 
https://support.apple.com/en-us/HT204419 No Types Assigned
 
https://support.apple.com/en-us/HT204419 Vendor Advisory
Changed Reference Type 
https://support.apple.com/kb/HT204949 No Types Assigned
 
https://support.apple.com/kb/HT204949 Vendor Advisory
Changed Evaluator Description 
<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

Per an <a href="http://support.apple.com/en-us/HT204246">Apple Security Advisory</a> Apple TV  before 7.0.3 was also vulnerable.
Per an <a href="http://support.apple.com/en-us/HT204245">Apple Security Advisory</a> Apple iOS before 8.1.3 was also vulnerable.
Per an <a href="http://support.apple.com/en-us/HT6596">Apple Security Advisory</a> Apple Safari before versions 8.0.1, 7.1.1 and 6.2.1 were also vulnerable.

These product additions are reflected in the vulnerable configuration.
 
<a href="http://cwe.mitre.org/data/definitions/416.html" rel="nofollow">CWE-416: Use After Free</a>

Per an <a href="http://support.apple.com/en-us/HT204246" rel="nofollow">Apple Security Advisory</a> Apple TV  before 7.0.3 was also vulnerable.
Per an <a href="http://support.apple.com/en-us/HT204245" rel="nofollow">Apple Security Advisory</a> Apple iOS before 8.1.3 was also vulnerable.
Per an <a href="http://support.apple.com/en-us/HT6596" rel="nofollow">Apple Security Advisory</a> Apple Safari before versions 8.0.1, 7.1.1 and 6.2.1 were also vulnerable.

These product additions are reflected in the vulnerable configuration.