CVE-2014-1361

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 7.1.2 Apple OS X versions prior to 10.9.4 Apple TV versions prior to 6.1.2

Description The issue allows remote attackers to obtain potentially sensitive information from uninitialized process memory by providing a DTLS message within a TLS connection, due to the failure of Secure Transport to ensure that a DTLS message is accepted only for a DTLS connection.

Recommendations For Apple iOS versions prior to 7.1.2, update to version 7.1.2 or later. For Apple OS X versions prior to 10.9.4, update to version 10.9.4 or later. For Apple TV versions prior to 6.1.2, update to version 6.1.2 or later.