2 matches found
CVE-2014-1255
Apple Type Services ATS in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages...
Sandbox Escape: OSX ATS arbitrary free issue may lead to App Sandbox bypass
This issue was reported directly to Apple and has been resolved in OSX Security Update 2014-001. http://support.apple.com/kb/HT6150 Available for: OS X Mavericks 10.9 and 10.9.1 Impact: The App Sandbox may be bypassed Description: An arbitrary free issue existed in the handling of Mach messages...