Out-of-bounds

2014-07-0110:17:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.5%

JSON

Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call.

CPENameOperatorVersion
mac_os_xeq10.9.2
mac_os_xeq10.9
mac_os_xeq10.9.1
mac_os_xeq10.9.3

Name	Operator	Version
mac_os_x	eq	10.9.2
mac_os_x	eq	10.9
mac_os_x	eq	10.9.1
mac_os_x	eq	10.9.3

References

archives.neohapsis.com/archives/bugtraq/2014-06/0172.html

secunia.com/advisories/59475

support.apple.com/kb/HT6296

www.securitytracker.com/id/1030505