CVE-2014-4403 — Sensitive Information Exposure in Apple MAC OS X

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 78.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedSep 19

Latest updateMay 17

Description

The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/mac_os_x5 versions+4

🔴Vulnerability Details

GHSA

GHSA-r44w-5gqx-ww66: The kernel in Apple OS X before 10↗2022-05-17

▶

Project0

More Mac OS X and iPhone sandbox escapes and kernel bugs - Project Zero↗2014-10-01

▶