CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 1CVE-2014-1379 – Apple Security Advisory 2014-06-30-2
https://notcve.org/view.php?id=CVE-2014-1379
01 Jul 2014 — Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application. Graphics Drivers en Apple OS X anterior a 10.9.4 permite a atacantes ganar privilegios o causar una denegación de servicio (referencia a puntero nulo y caída de sistema) a través de un fichero ejecutable de 32-bits para una aplicación manipulada. OS X Mavericks 10.9.4 and Security Update 2014-003 are ... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2014-1381 – Apple Security Advisory 2014-06-30-2
https://notcve.org/view.php?id=CVE-2014-1381
01 Jul 2014 — Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call. Thunderbolt en Apple OS X anterior a 10.9.4 no restringe debidamente las llamadas IOThunderBoltController API, lo que permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (acceso a memoria fuera de rango y caída de aplicación) a t... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 6%CPEs: 23EXPL: 0CVE-2014-1370 – Apple Security Advisory 2014-06-30-2
https://notcve.org/view.php?id=CVE-2014-1370
01 Jul 2014 — The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive. La implementación de intercambio de bytes en copyfile en Apple OS X anterior a 10.9.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (acceso a memoria fuera de rango y caída de aplicación) a través de un fichero App... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1359 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1359
01 Jul 2014 — Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application. Subdesbordamiento de enteros en launchd en Apple iOS anterior a 7.1.2, Apple OS X anterior a 10.9.4, y Apple TV anterior a 6.1.2 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada. OS X Mavericks 10.9.4 and Security Update 2014-003 are now available and address application termination, code executio... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 1CVE-2014-1377 – Apple Security Advisory 2014-06-30-2
https://notcve.org/view.php?id=CVE-2014-1377
01 Jul 2014 — Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application. Error en el indice del array en IOAcceleratorFamily en Apple OS X anterior a 10.9.4 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada. OS X Mavericks 10.9.4 and Security Update 2014-003 are now available and address application termination, code execution, sandbox circumvention, bypass, and various other vulnerabilities. • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html •
CVSS: 5.3EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1361 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1361
01 Jul 2014 — Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 does not ensure that a DTLS message is accepted only for a DTLS connection, which allows remote attackers to obtain potentially sensitive information from uninitialized process memory by providing a DTLS message within a TLS connection. Secure Transport en Apple iOS anterior a 7.1.2, Apple OS X anterior a 10.9.4, y Apple TV anterior a 6.1.2 no asegura que un mensaje DTLS está aceptado únicamente para una conexión... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1357 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1357
01 Jul 2014 — Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages. Desbordamiento de buffer basado en memoria dinámica en launchd en Apple iOS anterior a 7.1.2, Apple OS X anterior a 10.9.4, y Apple TV anterior a 6.1.2 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada que genera mensajes del registro. OS X Mavericks 10.9.4 and ... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 1CVE-2014-1373 – Apple Security Advisory 2014-06-30-2
https://notcve.org/view.php?id=CVE-2014-1373
01 Jul 2014 — Intel Graphics Driver in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenGL API call, which allows attackers to execute arbitrary code via a crafted application. Intel Graphics Driver en Apple OS X anterior a 10.9.4 no restringe debidamente una llamada OpenGL API no especificada, lo que permite a atacantes remotos ejecutar código arbitrario a través de una aplicación manipulada. OS X Mavericks 10.9.4 and Security Update 2014-003 are now available and address application termination, c... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 1CVE-2014-1376 – Apple Security Advisory 2014-06-30-2
https://notcve.org/view.php?id=CVE-2014-1376
01 Jul 2014 — Intel Compute in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenCL API call, which allows attackers to execute arbitrary code via a crafted application. Intel Compute en Apple OS X anterior a 10.9.4 no restringe debidamente una llamada OpenCL API no especificada, lo que permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada. OS X Mavericks 10.9.4 and Security Update 2014-003 are now available and address application termination, code execution, sandbox c... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2014-1378 – Apple Security Advisory 2014-06-30-2
https://notcve.org/view.php?id=CVE-2014-1378
01 Jul 2014 — IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object. IOGraphicsFamily en Apple OS X anterior a 10.9.4 permite a usuarios locales evadir el mecanismo de protección ASLR mediante el aprovechamiento del acceso de lectura a un puntero del kernel en un objeto IOKit. OS X Mavericks 10.9.4 and Security Update 2014-003 are now available and address application termination, code execution, sandbox cir... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-264: Permissions, Privileges, and Access Controls •