|
291901
|
- |
|
apple
|
mac_os_x
|
Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after the viewing of file ACL information, which allows local users to bypass intended access restrictions in opportunistic circumstan…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1264
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291902
|
- |
|
apple
|
mac_os_x
|
curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name…
|
CWE-310
Cryptographic Issues
|
CVE-2014-1263
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291903
|
- |
|
apple
|
mac_os_x
|
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1262
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291904
|
- |
|
apple
|
mac_os_x
|
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font.
|
CWE-189
Numeric Errors
|
CVE-2014-1261
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291905
|
- |
|
apple
|
mac_os_x
|
QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1260
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291906
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1259
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291907
|
- |
|
apple
|
mac_os_x
|
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1258
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291908
|
- |
|
apple
|
mac_os_x
|
CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1257
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291909
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1256
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291910
|
- |
|
apple
|
mac_os_x
|
Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach mes…
|
CWE-20
Improper Input Validation
|
CVE-2014-1255
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
