Apple : Security Vulnerabilities, CVEs, Published In February 2014 (Code Execution)
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269.
Max CVSS
6.8
EPSS Score
1.06%
Published
2014-02-27
Updated
2016-12-08
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270.
Max CVSS
6.8
EPSS Score
1.06%
Published
2014-02-27
Updated
2016-12-08
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.
Max CVSS
6.8
EPSS Score
1.18%
Published
2014-02-27
Updated
2016-12-08
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font.
Max CVSS
7.5
EPSS Score
0.74%
Published
2014-02-27
Updated
2014-02-27
QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
Max CVSS
6.8
EPSS Score
0.99%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
Max CVSS
6.8
EPSS Score
0.10%
Published
2014-02-27
Updated
2014-03-10
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
Max CVSS
6.8
EPSS Score
1.18%
Published
2014-02-27
Updated
2014-02-27
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document.
Max CVSS
6.8
EPSS Score
0.99%
Published
2014-02-27
Updated
2014-02-27
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file.
Max CVSS
9.3
EPSS Score
9.60%
Published
2014-02-27
Updated
2015-10-21
Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.
Max CVSS
9.3
EPSS Score
0.64%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.
Max CVSS
9.3
EPSS Score
1.06%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.
Max CVSS
9.3
EPSS Score
1.06%
Published
2014-02-27
Updated
2014-03-10
Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.
Max CVSS
9.3
EPSS Score
3.30%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.
Max CVSS
9.3
EPSS Score
4.86%
Published
2014-02-27
Updated
2014-02-27
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.
Max CVSS
9.3
EPSS Score
3.65%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
Max CVSS
9.3
EPSS Score
5.08%
Published
2014-02-27
Updated
2015-10-21
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
Max CVSS
9.3
EPSS Score
3.03%
Published
2014-02-27
Updated
2014-02-27
17 vulnerabilities found