7.5

CVE-2014-1256

Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS X Version <= 10.9.1
ApplemacOS X Version10.7.0
ApplemacOS X Version10.7.1
ApplemacOS X Version10.7.2
ApplemacOS X Version10.7.3
ApplemacOS X Version10.7.4
ApplemacOS X Version10.7.5
ApplemacOS X Version10.8.0
ApplemacOS X Version10.8.1
ApplemacOS X Version10.8.2
ApplemacOS X Version10.8.3
ApplemacOS X Version10.8.4
ApplemacOS X Version10.8.5
ApplemacOS X Version10.8.5 Updatesupplemental_update
ApplemacOS X Version10.9
ApplemacOS X Server Version10.7.0
ApplemacOS X Server Version10.7.1
ApplemacOS X Server Version10.7.2
ApplemacOS X Server Version10.7.3
ApplemacOS X Server Version10.7.4
ApplemacOS X Server Version10.7.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.564
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.