CVE-2014-1370

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Mac Os X Server
Vendor: CVE Published:; 1 July 2014

Summary

The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.

References

http://support.apple.com/kb/HT6296

x_refsource_CONFIRM

http://www.securitytracker.com/id/1030505

vdb-entryx_refsource_SECTRACK

http://archives.neohapsis.com/archives/bugtraq/2014-06/01...

vendor-advisoryx_refsource_APPLE

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 1, 2014
Vulnerability Reserved
Jan 8, 2014