CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1357
https://notcve.org/view.php?id=CVE-2014-1357
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages. Desbordamiento de buffer basado en memoria dinámica en launchd en Apple iOS anterior a 7.1.2, Apple OS X anterior a 10.9.4, y Apple TV anterior a 6.1.2 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada que genera mensajes del registro. • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://secunia.com/advisories/59475 http://support.apple.com/kb/HT6296 http://www.securitytracker.com/id/1030500 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-1317
https://notcve.org/view.php?id=CVE-2014-1317
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file. iBooks Commerce en Apple OS X anterior a 10.9.4 coloca credenciales Apple ID en el registro de iBooks, lo que permite a usuarios locales obtener información sensible mediante la lectura de este fichero. • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html http://secunia.com/advisories/59475 http://support.apple.com/kb/HT6296 http://www.securitytracker.com/id/1030505 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1356
https://notcve.org/view.php?id=CVE-2014-1356
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages. Desbordamiento de buffer basado en memoria dinámica en launchd en Apple iOS anterior a 7.1.2, Apple OS X anterior a 10.9.4, y Apple TV anterior a 6.1.2 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada que envía mensajes IPC. • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://secunia.com/advisories/59475 http://support.apple.com/kb/HT6296 http://www.securitytracker.com/id/1030500 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-1378
https://notcve.org/view.php?id=CVE-2014-1378
IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object. IOGraphicsFamily en Apple OS X anterior a 10.9.4 permite a usuarios locales evadir el mecanismo de protección ASLR mediante el aprovechamiento del acceso de lectura a un puntero del kernel en un objeto IOKit. • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html http://support.apple.com/kb/HT6296 http://www.securitytracker.com/id/1030505 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 1CVE-2014-1377
https://notcve.org/view.php?id=CVE-2014-1377
Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application. Error en el indice del array en IOAcceleratorFamily en Apple OS X anterior a 10.9.4 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada. • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html http://secunia.com/advisories/59475 http://support.apple.com/kb/HT6296 http://www.securitytracker.com/id/1030505 https://code.google.com/p/google-security-research/issues/detail?id=17 •