Apple macOS vulnerabilities

CVE-2014-4492 [HIGH] CWE-19 CVE-2014-4492: libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type.

CVE-2014-8828 [HIGH] CWE-264 CVE-2014-8828: Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sand Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sandboxed app that includes a com.apple.sandbox segment in a path.

CVE-2014-4484 [HIGH] CWE-19 CVE-2014-4484: FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows re FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .dfont file.

CVE-2014-8825 [HIGH] CWE-20 CVE-2014-8825: The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors.

CVE-2014-8819 [HIGH] CVE-2014-8819: The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via uns The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8820 and CVE-2014-8821.

CVE-2014-8821 [HIGH] CVE-2014-8821: The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via uns The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8820.

CVE-2014-8820 [HIGH] CVE-2014-8820: The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via uns The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8821.

CVE-2014-8829 [HIGH] CWE-119 CVE-2014-8829: SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial o SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.

CVE-2014-4485 [HIGH] CWE-119 CVE-2014-4485: Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2 Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

CVE-2014-8826 [MEDIUM] CWE-19 CVE-2014-8826: LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allow LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive.

CVE-2014-8832 [MEDIUM] CWE-200 CVE-2014-8832: The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an ex The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive.

CVE-2014-8831 [MEDIUM] CWE-264 CVE-2014-8831: security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychai security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a (1) self-signed certificate or (2) Developer ID certificate.

CVE-2014-8830 [MEDIUM] CWE-119 CVE-2014-8830: Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execu Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted accessor element in a Collada file.

CVE-2014-4498 [MEDIUM] CWE-17 CVE-2014-4498: The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmwa The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue.

CVE-2014-8823 [MEDIUM] CWE-264 CVE-2014-8823: The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument.

CVE-2014-4483 [MEDIUM] CWE-119 CVE-2014-4483: Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV bef Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font file in a PDF document.

CVE-2014-8838 [MEDIUM] CWE-264 CVE-2014-8838: The Security component in Apple OS X before 10.10.2 does not properly process cached information abo The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for signing a crafted app.

CVE-2014-8839 [MEDIUM] CWE-200 CVE-2014-8839: Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" c Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's URL.

CVE-2014-4491 [MEDIUM] CWE-200 CVE-2014-4491: The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.

CVE-2014-8816 [MEDIUM] CWE-399 CVE-2014-8816: CoreGraphics in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a CoreGraphics in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PDF document.