CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0CVE-2014-1296
https://notcve.org/view.php?id=CVE-2014-1296
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction. CFNetwork en Apple iOS anterior a 7.1.1, Apple OS X hasta 10.9.2 y Apple TV anterior a 6.1.1 no asegura que una cabecera HTTP de configuración de cookie está completa antes de interpretar el valor de la cabecera, lo que permite a atacantes remotos evadir restricciones de acceso mediante la provocación de el cierre de una conexión TCP durante la transmisión de una cabecera, tal y como fue demostrado por una restricción HTTPOnly. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1314 – Apple OS X WindowsServer Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2014-1314
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application. WindowServer en Apple OS X hasta 10.9.2 no previene la creación de sesión mediante una aplicación en una sandbox, lo que permite a atacantes evadir el mecanismo de protección sandbox y ejecutar código arbitrario a través de una aplicación manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within WindowServer. The issue lies in the failure to prevent sandboxed applications from creating new sessions. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1318 – (Pwn2Own\Pwn4Fun) Apple OS X Graphics Driver Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1318
The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application. Intel Graphics Driver en Apple OS X hasta 10.9.2 no valida debidamente cierto puntero, lo que permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Intel graphics driver. The issue lies in the failure to properly validate a pointer. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 3%CPEs: 15EXPL: 0CVE-2014-1320 – (Pwn2Own\Pwn4Fun) Apple OS X IOKit Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-1320
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object. IOKit en Apple iOS anterior a 7.1.1, Apple OS X hasta 10.9.2 y Apple TV anterior a 6.1.1 coloca punteros de kernel dentro de una estructura de datos de objeto, lo que facilita a usuarios locales evadir el mecanismo de protección ASLR mediante la lectura de atributos no especificados del objeto. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IOKit. The issue lies in the storage of kernel pointers in an object's data structure that could be retrieved from userland. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 1CVE-2014-1322 – Apple Mac OSX - Local Security Bypass
https://notcve.org/view.php?id=CVE-2014-1322
The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object. El kernel en Apple OS X hasta 10.9.2 coloca un puntero de kernel en una estructura de datos de objeto XNU accesible de espacio de usuario, lo que facilita a usuarios locales evadir el mecanismo de protección ASLR mediante la lectura de un atributo no especificado del objeto. • https://www.exploit-db.com/exploits/39147 http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •