CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1314 – Apple OS X WindowsServer Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2014-1314
23 Apr 2014 — WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application. WindowServer en Apple OS X hasta 10.9.2 no previene la creación de sesión mediante una aplicación en una sandbox, lo que permite a atacantes evadir el mecanismo de protección sandbox y ejecutar código arbitrario a través de una aplicación manipulada. This vulnerability allows remote atta... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.9EPSS: 3%CPEs: 15EXPL: 0CVE-2014-1320 – (Pwn2Own\Pwn4Fun) Apple OS X IOKit Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-1320
23 Apr 2014 — IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object. IOKit en Apple iOS anterior a 7.1.1, Apple OS X hasta 10.9.2 y Apple TV anterior a 6.1.1 coloca punteros de kernel dentro de una estructura de datos de objeto, lo que facilita a usuarios locales evadir el mecanismo de protección ASLR mediante la... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2014-1322 – Apple Mac OSX - Local Security Bypass
https://notcve.org/view.php?id=CVE-2014-1322
23 Apr 2014 — The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object. El kernel en Apple OS X hasta 10.9.2 coloca un puntero de kernel en una estructura de datos de objeto XNU accesible de espacio de usuario, lo que facilita a usuarios locales evadir el mecanismo de protección ASLR mediante la lectura de un atributo no especi... • https://www.exploit-db.com/exploits/39147 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-1316 – Apple Security Advisory 2014-04-22-1
https://notcve.org/view.php?id=CVE-2014-1316
23 Apr 2014 — Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol. Heimdal, utilizado en Apple OS X hasta 10.9.2, permite a atacantes remotos causar una denegación de servicio (abortar y salida de demonio) a través de datos ASN.1 encontrados en el protocolo Kerberos 5. Security Update 2014-002 is now available and addresses vulnerabilities in CFNetwork HTTPProtocol, CoreServicesUIAgent, FontParser... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 2CVE-2013-7338 – Gentoo Linux Security Advisory 201503-10
https://notcve.org/view.php?id=CVE-2013-7338
22 Apr 2014 — Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function. Python anterior a 3.3.4 RC1 permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumo de CPU) a través de un valor de tamaño de archivo más grande que el tamaño del archivo zi... • http://bugs.python.org/issue20078 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 25%CPEs: 76EXPL: 1CVE-2013-5704 – httpd: bypass of mod_headers rules via chunked requests
https://notcve.org/view.php?id=CVE-2013-5704
15 Apr 2014 — The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." El módulo mod_headers en el servidor de Apache HTTP 2.2.22 permite a atacantes remotos evadir directivas "RequestHeader unset" mediante la colocación de una cabera en la porción "trailer" de datos enviados con codificación de tran... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2014-0106 – sudo: certain environment variables not sanitized when env_reset is disabled
https://notcve.org/view.php?id=CVE-2014-0106
06 Mar 2014 — Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable. Sudo 1.6.9 anterior a 1.8.5, cuando env_reset está deshabilitada, no comprueba debidamente variables de entorno para la restricción env_delete, lo que permite a usuarios locales con permisos sudo evadir restricciones de comando a través de una variable de en... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2014-2234
https://notcve.org/view.php?id=CVE-2014-2234
05 Mar 2014 — A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application. Cierto parche de Apple para OpenSSL en Apple OS X 10.9.2 y anteriores utiliza una funcionalidad... • https://hynek.me/articles/apple-openssl-verification-surprises • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 2CVE-2014-1263 – Apple Security Advisory 2014-02-25-1
https://notcve.org/view.php?id=CVE-2014-1263
26 Feb 2014 — curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate. curl en Apple OS X 10.9.x anterior a 10.9.2 no verifica los certificados X.509 d... • http://curl.haxx.se/docs/adv_20140326C.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-1265 – Apple Security Advisory 2014-02-25-1
https://notcve.org/view.php?id=CVE-2014-1265
26 Feb 2014 — The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock. El programa systemsetup en el subsistema de fecha y hora en Apple OS X anterior a 10.9.2 permite a usuarios locales evadir restricciones de acceso mediante el cambio la hora actual en el reloj del sistema. OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses multiple security issues includin... • http://support.apple.com/kb/HT6150 • CWE-264: Permissions, Privileges, and Access Controls •