Remote Code Execution Vulnerability in Apple OS X Archive Utility
CVE-2014-1370

Currently unrated

Key Information:

Vendor

Apple
Status
Mac Os X
Mac Os X Server
Vendor
CVE Published:
1 July 2014

What is CVE-2014-1370?

A vulnerability exists in the byte-swapping implementation of the copyfile function in Apple OS X, which can be exploited by remote attackers through a specially crafted AppleDouble file compressed in a ZIP archive. This leads to arbitrary code execution or a denial of service, resulting in out-of-bounds memory access and application crashes. Patch updates are recommended to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://support.apple.com/kb/HT6296
x_refsource_CONFIRM
http://www.securitytracker.com/id/1030505
vdb-entryx_refsource_SECTRACK
http://archives.neohapsis.com/archives/bugtraq/2014-06/01...
vendor-advisoryx_refsource_APPLE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.