Lucene search
HistoryJul 01, 2014 - 10:17 a.m.
CVE-2014-1380
apple
os x
security
keychain
vulnerability
cve-2014-1380
nvd
2.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.9%
The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.
Affected configurations
Node
applemac_os_xMatch10.9
ORapplemac_os_xMatch10.9.1
ORapplemac_os_xMatch10.9.2
ORapplemac_os_xMatch10.9.3
Related
nvd
nvd
CVE-2014-1380
2014-07-01 10:17:27
prion
prion
Input validation
2014-07-01 10:17:00
cvelist
cvelist
CVE-2014-1380
2014-07-01 10:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities -01 (Sep 2014)
2014-09-19 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2014-08-04 00:00:00
APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003
2014-08-04 00:00:00
nessus
nessus
Mac OS X 10.9.x < 10.9.4 Multiple Vulnerabilities
2014-07-01 00:00:00
2.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.9%
Related for CVE-2014-1380