OS X
by Apple Inc.
CVEs (545)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-1258 | 0.00 | — | 0.01 | Feb 27, 2014 | Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image. | |||
| CVE-2014-1257 | 0.00 | — | 0.00 | Feb 27, 2014 | CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an unattended workstation. | |||
| CVE-2014-1256 | 0.00 | — | 0.00 | Feb 27, 2014 | Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | |||
| CVE-2014-1255 | 0.00 | — | 0.00 | Feb 27, 2014 | Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | |||
| CVE-2014-1254 | 0.00 | — | 0.01 | Feb 27, 2014 | Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document. |
- CVE-2014-1258Feb 27, 2014risk 0.00cvss —epss 0.01
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
- CVE-2014-1257Feb 27, 2014risk 0.00cvss —epss 0.00
CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an unattended workstation.
- CVE-2014-1256Feb 27, 2014risk 0.00cvss —epss 0.00
Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
- CVE-2014-1255Feb 27, 2014risk 0.00cvss —epss 0.00
Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
- CVE-2014-1254Feb 27, 2014risk 0.00cvss —epss 0.01
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document.
Page 28 of 28