Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2015-01-30T11:00:00
Updated: 2024-08-06T11:20:26.041Z
Reserved: 2014-06-20T00:00:00
Link: CVE-2014-4494
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-01-30T11:59:23.453
Modified: 2015-11-17T16:25:07.453
Link: CVE-2014-4494
Redhat
No data.