6.9
MEDIUM

CVE-2014-4398

Published: 19/09/2014 Updated: 29/08/2017
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

Vulnerability Summary

An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X prior to 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Access Complexity: MEDIUM
Authentication: NONE
Access Vector: LOCAL
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Affected Products

Vendor Product Versions
AppleMac Os X10.8.5, 10.9, 10.9.1, 10.9.2, 10.9.3, 10.9.4

References