CVE-2014-1252

CWE-4153 documents3 sources

Severity

7.5HIGH

EPSS

4.1%

top 11.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple MAC OS X Apple Pages

Timeline

PublishedJan 24

Latest updateMay 17

Description

Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDapple/pages5 versions+4

▶NVDapple/mac_os_x10.9.1

▶NVDapple/iphone_os7.0

🔴Vulnerability Details

GHSA

GHSA-w23x-qg88-3f6r: Double free vulnerability in Apple Pages 2↗2022-05-17

▶

CVEList

CVE-2014-1252: Double free vulnerability in Apple Pages 2↗2014-01-24

▶