CVE-2014-4402
https://notcve.org/view.php?id=CVE-2014-4402
An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application. Una función IOAcceleratorFamily no especificada en Apple OS X anterior a 10.9.5 carece de límites adecuados de comprobación en operaciones de lectura, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada. • http://support.apple.com/kb/HT6443 http://www.securityfocus.com/bid/69925 http://www.securitytracker.com/id/1030868 https://code.google.com/p/google-security-research/issues/detail?id=33 https://exchange.xforce.ibmcloud.com/vulnerabilities/96063 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-4376
https://notcve.org/view.php?id=CVE-2014-4376
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments. IOKit en IOAcceleratorFamily en Apple OS X anterior a 10.9.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (referencia a puntero nulo) a través de una aplicación que provee argumentos de API manipulados. • http://support.apple.com/kb/HT6443 http://www.securityfocus.com/bid/69906 http://www.securitytracker.com/id/1030868 https://code.google.com/p/google-security-research/issues/detail?id=31 https://exchange.xforce.ibmcloud.com/vulnerabilities/96051 •
CVE-2014-4398
https://notcve.org/view.php?id=CVE-2014-4398
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416. Una rutina no especificada del driver de gráficos integrados en el subsistema Intel Graphics Driver en Apple OS X anterior a 10.9.5 no valida debidamente las llamadas, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401 y CVE-2014-4416. • http://support.apple.com/kb/HT6443 http://www.securityfocus.com/bid/69894 http://www.securitytracker.com/id/1030868 https://code.google.com/p/google-security-research/issues/detail?id=32 https://exchange.xforce.ibmcloud.com/vulnerabilities/96058 • CWE-20: Improper Input Validation •
CVE-2014-4401
https://notcve.org/view.php?id=CVE-2014-4401
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, and CVE-2014-4416. Una rutina no especificada del driver de gráficos integrados en el subsistema Intel Graphics Driver en Apple OS X anterior a 10.9.5 no valida debidamente las llamadas, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400 y CVE-2014-4416. • http://support.apple.com/kb/HT6443 http://www.securityfocus.com/bid/69897 http://www.securitytracker.com/id/1030868 https://code.google.com/p/google-security-research/issues/detail?id=30 https://exchange.xforce.ibmcloud.com/vulnerabilities/96061 • CWE-20: Improper Input Validation •
CVE-2014-4395
https://notcve.org/view.php?id=CVE-2014-4395
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416. Una rutina no especificada del driver de gráficos integrados en el subsistema Intel Graphics Driver en Apple OS X anterior a 10.9.5 no valida debidamente las llamadas, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2014-4394, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401 y CVE-2014-4416. • http://support.apple.com/kb/HT6443 http://www.securityfocus.com/bid/69888 http://www.securitytracker.com/id/1030868 https://code.google.com/p/google-security-research/issues/detail?id=29 https://exchange.xforce.ibmcloud.com/vulnerabilities/96055 • CWE-20: Improper Input Validation •