Apple OS X WindowServer Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CoreGraphics. By...

(Pwn2Own) Apple OS X WindowServer Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CFData...

CVE-2014-1314

WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application...

Design/Logic Flaw

WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application...

CVE-2014-1314

CVE-2014-1314 affects Apple OS X (WindowServer) up to 10.9.2. The root cause is that WindowServer could be accessed by sandboxed applications to create new sessions, bypassing the sandbox and allowing arbitrary code execution. In practice, multiple sources (NVD entry for CVE-2014-1314 and ZDI adv...

CVE-2014-1314

WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application...