CVE-2014-1370

CWE-119 — Buffer Overflow6 documents6 sources

Severity

6.8MEDIUM

EPSS

1.8%

top 17.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedJul 1

Latest updateJan 14

Description

The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

▶NVDapple/mac_os_x10.9.3+15

▶NVDapple/mac_os_x_server6 versions+5

🔴Vulnerability Details

OSV

f2fs: use global inline_xattr_slab instead of per-sb slab cache↗2026-01-14

▶

GHSA

GHSA-m8x9-3w5p-964r: The byte-swapping implementation in copyfile in Apple OS X before 10↗2022-05-17

▶

CVEList

CVE-2014-1370: The byte-swapping implementation in copyfile in Apple OS X before 10↗2014-07-01

▶