Arbitrary Code Execution Vulnerability in IOKit Metadata Validation
CVE-2014-4388 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418.
Learn more about our Cis Benchmark Audit For Apple Ios.