CVE-2014-4481

Apple <8.1.3, <10.10.2, <7.0.3 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-4481. PoCs published by feliam.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2014-4481, a heap overflow vulnerability in Apple CoreGraphics when parsing CCITT group 3 encoded data. The exploit generates a malicious PDF file that triggers arbitrary code execution in Mobile Safari.

Description

Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

Exploits (1)

nomisec WORKING POC 5 stars

by feliam · poc

https://github.com/feliam/CVE-2014-4481

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2014-4481, a heap overflow vulnerability in Apple CoreGraphics when parsing CCITT group 3 encoded data. The exploit generates a malicious PDF file that triggers arbitrary code execution in Mobile Safari.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Apple CoreGraphics (iOS/macOS)

No auth needed

Prerequisites: Victim must open a malicious PDF file in Mobile Safari or another vulnerable application

MITRE ATT&CK