Double Free Vulnerability in Apple Pages Affects Multiple Versions
CVE-2014-1252

Currently unrated

Key Information:

Vendor: Apple
Status: Pages
Vendor: CVE Published:; 24 January 2014

What is CVE-2014-1252?

The vulnerability in Apple Pages arises from a double free error which permits remote attackers to execute arbitrary code or lead to a denial of service when a specially crafted Microsoft Word file is opened. Versions 2.x prior to 2.1 and 5.x prior to 5.1 are particularly susceptible to this issue, making users vulnerable to unexpected application behavior and potential compromise of sensitive information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90672

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1029683

vdb-entryx_refsource_SECTRACK

http://support.apple.com/kb/HT6150

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 24, 2014
Vulnerability Reserved
Jan 8, 2014