CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-1380

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.7%

CVSS Severity

CVSS v2 Score 2.6

References

http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
http://support.apple.com/kb/HT6296
http://www.securitytracker.com/id/1030505
http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
http://support.apple.com/kb/HT6296
http://www.securitytracker.com/id/1030505

Products affected by CVE-2014-1380

Apple » Mac Os X » Version: 10.9

cpe:2.3:o:apple:mac_os_x:10.9
Apple » Mac Os X » Version: 10.9.1

cpe:2.3:o:apple:mac_os_x:10.9.1
Apple » Mac Os X » Version: 10.9.2

cpe:2.3:o:apple:mac_os_x:10.9.2
Apple » Mac Os X » Version: 10.9.3

cpe:2.3:o:apple:mac_os_x:10.9.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-1380

Products

Pricing

Contact Us