CVE-2014-1314 — Apple MAC OS X vulnerability

CWE-2643 documents3 sources

Severity

10.0CRITICALNVD

EPSS

0.7%

top 27.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedApr 23

Latest updateMay 17

Description

WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/mac_os_x10.9.2+8

🔴Vulnerability Details

GHSA

GHSA-pp8v-7jff-9xxv: WindowServer in Apple OS X through 10↗2022-05-17

▶

💬Community

Bugzilla

CVE-2014-8483 quassel, konversation: out-of-bounds read on a heap-allocated array↗2014-10-24

▶