4.9
MEDIUM

CVE-2014-1322

Published: 23/04/2014 Updated: 24/04/2014
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

Vulnerability Summary

The kernel in Apple OS X up to and including 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object.

Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Access Complexity: LOW
Authentication: NONE
Access Vector: LOCAL
Confidentiality Impact: COMPLETE
Integrity Impact: NONE
Availability Impact: NONE

Affected Products

Vendor Product Versions
AppleMac Os X10.9, 10.9.1, 10.9.2

Exploits

source: wwwsecurityfocuscom/bid/67023/info Apple Mac OS X is prone to a local security-bypass vulnerability Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions Apple Mac OS X 1092 is vulnerable; other versions may also be affected #include <stdioh> #include <strings ...

References