CVE-2014-4453 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-4453 PUBLISHED CVSS 5 MEDIUM

Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.

EPSS 0.78% · 73.6th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

0.78%

73.6th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
apple	mac_os_x	10.9.5, 10.9.1, 10.9.2
apple	iphone_os	8.0, 8.0.1, 8.0.2

Timeline

Nov 18, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

APPLE-SA-2014-11-17-1 vendor-advisory
71135 vdb
1031230 vdb
62503 third-party-advisory
https://support.apple.com/en-us/HT6590 url
APPLE-SA-2014-11-17-2 vendor-advisory
https://support.apple.com/en-us/HT204419 url
62504 third-party-advisory
macos-cve20144453-info-disc(98782) vdb
https://support.apple.com/en-us/HT204418 url
https://support.apple.com/en-us/HT6591 url
https://support.apple.com/en-us/HT6592 advisory
https://nvd.nist.gov/vuln/detail/CVE-2014-4453 advisory

Open in Interactive Console →