7.5

CVE-2014-1371

Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS X Version <= 10.9.3
ApplemacOS X Version10.7.0
ApplemacOS X Version10.7.1
ApplemacOS X Version10.7.2
ApplemacOS X Version10.7.3
ApplemacOS X Version10.7.4
ApplemacOS X Version10.7.5
ApplemacOS X Version10.8.0
ApplemacOS X Version10.8.1
ApplemacOS X Version10.8.2
ApplemacOS X Version10.8.3
ApplemacOS X Version10.8.4
ApplemacOS X Version10.8.5
ApplemacOS X Version10.8.5 Updatesupplemental_update
ApplemacOS X Version10.9
ApplemacOS X Version10.9.1
ApplemacOS X Version10.9.2
ApplemacOS X Server Version10.7.0
ApplemacOS X Server Version10.7.1
ApplemacOS X Server Version10.7.2
ApplemacOS X Server Version10.7.3
ApplemacOS X Server Version10.7.4
ApplemacOS X Server Version10.7.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.79% 0.716
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.