Lucene search
HistoryFeb 27, 2014 - 1:55 a.m.
CVE-2014-1261
cve-2014-1261
integer signedness error
coretext
apple os x
10.9.2
remote attackers
arbitrary code execution
denial of service
application crash
crafted unicode font
nvd
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.8%
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:mac_os_x | apple mac os x | le | 10.9.1 |
| apple:mac_os_x | apple mac os x | eq | 10.9 |
References
Related
prion
prion
Integer overflow
2014-02-27 01:55:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities -07 (Sep 2014)
2014-09-22 00:00:00
seebug
seebug
Apple Mac OS X多个安全漏洞(APPLE-SA-2014-02-25-1)
2014-02-26 00:00:00
nessus
nessus
Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities
2014-02-25 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2014-02-28 00:00:00
APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001
2014-02-28 00:00:00
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.8%
Related for CVE-2014-1261