The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420. <a href"http://cwe.mitre.org/data/definitions/824.html" target"_blank">CWE-665: Improper Initialization</a>
Publication date: Thu, 18 Sep 2014 15:55:00 +0000