Apple : Security Vulnerabilities, CVEs, Published In October 2014 (Code Execution)
The IOHIDSecurePromptClient function in Apple OS X does not properly validate pointer values, which allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted web site.
Max CVSS
9.3
EPSS Score
1.18%
Published
2014-10-05
Updated
2014-10-10
Heap-based buffer overflow in the kernel in Apple OS X before 10.10 allows physically proximate attackers to execute arbitrary code via crafted resource forks in an HFS filesystem.
Max CVSS
7.2
EPSS Score
0.13%
Published
2014-10-18
Updated
2017-08-29
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.
Max CVSS
6.8
EPSS Score
3.45%
Published
2014-10-18
Updated
2017-08-29
3 vulnerabilities found