cvelistv5 - CVE-2014-1262

CVE-2014-1262 (GCVE-0-2014-1262)

Vulnerability from cvelistv5

Published

2014-02-27 01:00

Modified

2024-08-06 09:34

Severity ?

CWE

Summary

Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

fkie_cve-2014-1262

Vulnerability from fkie_nvd

Published

2014-02-27 01:55

Modified

2025-04-12 10:46

Severity ?

Summary

Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.

References

	URL	Tags
	product-security@apple.com	http://support.apple.com/kb/HT6150	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6150	Vendor Advisory

Impacted products

	Vendor	Product	Version
	apple	mac_os_x	*
	apple	mac_os_x	10.9

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8303A91-5C8F-4709-83D6-3D211F9C57EE",
              "versionEndIncluding": "10.9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48A5310-A589-4E9B-99BC-F840CC1A6A44",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption."
    },
    {
      "lang": "es",
      "value": "Apple Type Services (ATS) en Apple OS X anterior a 10.9.2 permite a atacantes evadir el mecanismo de protecci\u00f3n App Sandbox a trav\u00e9s de mensajes Mach manipulados que provocan una corrupci\u00f3n de memoria."
    }
  ],
  "id": "CVE-2014-1262",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-02-27T01:55:04.023",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6150"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2014-1262

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.

Aliases

CVE-2014-1262

Aliases

CVE-2014-1262

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-1262",
    "description": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.",
    "id": "GSD-2014-1262"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-1262"
      ],
      "details": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.",
      "id": "GSD-2014-1262",
      "modified": "2023-12-13T01:22:51.342066Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2014-1262",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.apple.com/kb/HT6150",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT6150"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.9.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2014-1262"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT6150",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT6150"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-02-27T19:36Z",
      "publishedDate": "2014-02-27T01:55Z"
    }
  }
}

De multiples vulnérabilités ont été corrigées dans Apple OS X Maverick. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple OS X Mountain Lion versions antérieures à 10.8.5
Apple	N/A	Apple OS X Lion Server versions antérieures à 10.7.5
Apple	N/A	Apple OS X Mavericks versions antérieures à 10.9.2
Apple	N/A	Apple OS X Lion versions antérieures à 10.7.5

References

Title

Publication Time

ghsa-98gp-4cxp-48r2

Vulnerability from github

Published

2022-05-17 04:51

Modified

2022-05-17 04:51

Details

Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-1262"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-02-27T01:55:00Z",
    "severity": "HIGH"
  },
  "details": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.",
  "id": "GHSA-98gp-4cxp-48r2",
  "modified": "2022-05-17T04:51:38Z",
  "published": "2022-05-17T04:51:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1262"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT6150"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

var-201402-0401

Vulnerability from variot

Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption. Apple Mac OS X is prone to multiple vulnerabilities. The update addresses new vulnerabilities that affect ATS, CFNetwork Cookies, CoreAnimation, CoreText, Date and Time, curl, QuickTime, QuickLook, Finder, and File Bookmark components. Attackers can exploit these issues to execute arbitrary code, gain unauthorized access, bypass security restrictions, and perform other attacks. Failed attacks may cause denial-of-service conditions. These issues affect OS X versions prior to 10.9.2. Attackers can exploit this vulnerability to bypass the App sandbox

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201402-0401",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.9"
      },
      {
        "model": "mac os x",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.9.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.9"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.9.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.9.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.37"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "65777"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Roland Moriz of Moriz GmbH, Felix Groebert of the Google Security Team, Meder Kydyraliev of the Google Security Team,\nRob Ansaldo of Amherst College, Graham Bennett Karl Smith of NCC Group, Apple, Lucas Apa and Carlos Mario Penagos of IOActive Labs, Tom Ga",
    "sources": [
      {
        "db": "BID",
        "id": "65777"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-1262",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-1262",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-69201",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-1262",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-1262",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201402-453",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-69201",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69201"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption. Apple Mac OS X is prone to multiple vulnerabilities. \nThe update addresses new vulnerabilities that affect ATS, CFNetwork Cookies, CoreAnimation, CoreText, Date and Time, curl, QuickTime, QuickLook, Finder, and File Bookmark components. \nAttackers can exploit these issues to execute arbitrary code, gain unauthorized access, bypass security restrictions, and perform other attacks. Failed attacks may cause denial-of-service conditions. \nThese issues affect OS X versions prior to 10.9.2. Attackers can exploit this vulnerability to bypass the App sandbox",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-1262"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "BID",
        "id": "65777"
      },
      {
        "db": "VULHUB",
        "id": "VHN-69201"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-1262",
        "trust": 2.8
      },
      {
        "db": "JVN",
        "id": "JVNVU95868425",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "65777",
        "trust": 0.3
      },
      {
        "db": "VULHUB",
        "id": "VHN-69201",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69201"
      },
      {
        "db": "BID",
        "id": "65777"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "id": "VAR-201402-0401",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69201"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:10:02.893000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2014-02-25-1",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2014/Feb/msg00000.html"
      },
      {
        "title": "HT6150",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6150"
      },
      {
        "title": "HT6150",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6150?viewlocale=ja_JP"
      },
      {
        "title": "OSXUpd10.9.2",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48288"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69201"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht6150"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1262"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu95868425/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1262"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/macosx/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69201"
      },
      {
        "db": "BID",
        "id": "65777"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-69201"
      },
      {
        "db": "BID",
        "id": "65777"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-02-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-69201"
      },
      {
        "date": "2014-02-25T00:00:00",
        "db": "BID",
        "id": "65777"
      },
      {
        "date": "2014-02-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "date": "2014-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      },
      {
        "date": "2014-02-27T01:55:04.023000",
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-02-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-69201"
      },
      {
        "date": "2014-04-17T00:49:00",
        "db": "BID",
        "id": "65777"
      },
      {
        "date": "2014-02-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      },
      {
        "date": "2014-06-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      },
      {
        "date": "2024-11-21T02:03:56.933000",
        "db": "NVD",
        "id": "CVE-2014-1262"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Mac OS X of  Apple Type Services In  App Sandbox Vulnerabilities that bypass the protection mechanism",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001488"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201402-453"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2014-1262 (GCVE-0-2014-1262)

Vulnerability from cvelistv5

fkie_cve-2014-1262

Vulnerability from fkie_nvd

gsd-2014-1262

Vulnerability from gsd

CERTFR-2014-AVI-095

Vulnerability from certfr_avis

Solution

ghsa-98gp-4cxp-48r2

Vulnerability from github

var-201402-0401

Vulnerability from variot

Tags

Sightings

Nomenclature