PT-2014-5915 · Apple · Spotlight+3
Ashkan Soltani
·
Publicado
2014-11-18
·
Atualizado
2017-08-29
·
CVE-2014-4453
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apple iOS versions prior to 8.1.1
Apple OS X versions prior to 10.10.1
Description
The issue allows remote attackers to obtain sensitive information via unspecified vectors, as location data is included during the establishment of a Spotlight Suggestions server connection by Spotlight or Safari.
Recommendations
For Apple iOS versions prior to 8.1.1, update to version 8.1.1 or later to resolve the issue.
For Apple OS X versions prior to 10.10.1, update to version 10.10.1 or later to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Os X
Safari
Spotlight
Ios