CVE-2014-8835
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary’s Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a...
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary’s Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a...
UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF document’s password in a printing preference file, which allows local users to obtain sensitive information by reading a file. Date published : 2015-01-30...
SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during access to a permission cache, which allows local users to read search results associated with other users’ protected files via a...
The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive. Date published...
security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a (1) self-signed certificate or (2) Developer ID certificate....
Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted accessor element in a Collada...
SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app. Date published : 2015-01-30 http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244
Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sandboxed app that includes a com.apple.sandbox segment in a path. Date published : 2015-01-30 http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately upon being woken from sleep, which allows physically proximate attackers to obtain sensitive information by reading the screen. Date...
LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive. Date published : 2015-01-30 http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://www.securityfocus.com/bid/72341
The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors. Date published...
The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata fields, which allows attackers to execute arbitrary code in a privileged context via a crafted app. Date published :...
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first...
IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an...