Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackeroneUnknownH1:18850
HistoryFeb 26, 2014 - 12:00 a.m.

Sandbox Escape: OSX ATS memory corruption may lead to App Sandbox bypass

2014-02-2600:00:00
Unknown
hackerone.com
56

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

64.6%

JSON

This issue was reported directly to Apple and has been resolved in OSX Security Update 2014-001.

http://support.apple.com/kb/HT6150

> Available for: OS X Mavericks 10.9 and 10.9.1
>
> Impact: The App Sandbox may be bypassed
>
> Description: A memory corruption issue existed in the handling of Mach messages passed to ATS. This issue was addressed through improved bounds checking.
>
> CVE-2014-1262 : Meder Kydyraliev of the Google Security Team

Related

prion 1
cve 1
openvas 1
seebug 1
nessus 1
securityvulns 2
prion
prion
Memory corruption
2014-02-27 01:55:00
cve
cve
CVE-2014-1262
2014-02-27 01:55:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities -07 (Sep 2014)
2014-09-22 00:00:00
seebug
seebug
Apple Mac OS X多个安全漏洞(APPLE-SA-2014-02-25-1)
2014-02-26 00:00:00
nessus
nessus
Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities
2014-02-25 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2014-02-28 00:00:00
APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001
2014-02-28 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

64.6%

JSON
Related for H1:18850
prion1cve1openvas1seebug1nessus1securityvulns2