VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 1, 2014· Updated May 6, 2026

CVE-2014-1377

CVE-2014-1377

Description

Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Array index error in the IOAcceleratorFamily kernel extension in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.

Vulnerability

An array index error exists in the IOAcceleratorFamily kernel extension in Apple OS X before version 10.9.4. This bug allows an attacker to trigger out-of-bounds memory access by crafting a malicious application. The affected versions include OS X Mavericks 10.9 through 10.9.3, as well as earlier OS X versions prior to 10.9.4 [1].

Exploitation

An attacker must deliver a crafted application to the target system and convince the user to run it. No additional privileges are required beyond normal user access. When the application is executed, it triggers the array index error within the IOAcceleratorFamily kernel extension, leading to a memory corruption condition that the attacker can leverage for further exploitation [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code in the kernel context. This results in complete compromise of the system, including full control over processes, data, and system resources. The attack does not require any special system configuration or user interaction beyond running the malicious application [1].

Mitigation

Apple addressed this vulnerability in OS X Mavericks 10.9.4, released on July 1, 2014. Users should update to the latest version via Software Update or from the Apple Support website. No workaround is available for unpatched systems [1].

References
  1. About the security content of OS X Mavericks v10.9.4 and Security Update 2014-003 - Apple Support

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

12
  • Apple Inc./Mac Os X11 versions
    cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*range: <=10.9.3
    • cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.8.5:supplemental_update:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*
  • Apple Inc./OS Xllm-fuzzy
    Range: <10.9.4

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.