Lucene search
HistorySep 19, 2014 - 10:55 a.m.
CVE-2014-4403
cve-2014-4403
apple
os x
kernel
aslr protection
local users
sensitive address information
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.
Affected configurations
Node
applemac_os_xMatch10.9
ORapplemac_os_xMatch10.9.1
ORapplemac_os_xMatch10.9.2
ORapplemac_os_xMatch10.9.3
ORapplemac_os_xMatch10.9.4
Related
cvelist
cvelist
CVE-2014-4403
2014-09-19 10:00:00
nvd
nvd
CVE-2014-4403
2014-09-19 10:55:04
prion
prion
Information disclosure
2014-09-19 10:55:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-05 (Oct 2015)
2015-10-29 00:00:00
googleprojectzero
googleprojectzero
More Mac OS X and iPhone sandbox escapes and kernel bugs
2014-10-01 00:00:00
securityvulns
securityvulns
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
2014-09-21 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2014-09-21 00:00:00
nessus
nessus
Mac OS X 10.9.x < 10.9.5 Multiple Vulnerabilities
2014-09-18 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-4403