Buffer Overflow in Apple Type Services Affects OS X
CVE-2014-1256

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Mac Os X Server
Vendor: CVE Published:; 27 February 2014

What is CVE-2014-1256?

A buffer overflow vulnerability in Apple Type Services (ATS) within Apple OS X prior to version 10.9.2 permits attackers to exploit crafted Mach messages, circumventing the App Sandbox protection mechanism. Successful exploitation may allow unauthorized access and manipulation of system resources, posing significant security risks.

References

http://support.apple.com/kb/HT6150

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 27, 2014
Vulnerability Reserved
Jan 8, 2014