CVE-2014-4437
CVE-2014-4437 affects Apple OS X LaunchServices (pre-10.10). The flaw allows a sandboxed application to bypass restrictions by registering a crafted Content-Type handler for an object. Root cause: the LaunchServices interface allowed sandboxed apps to set content-type handlers, enabling sandbox b...