CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-1381

Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 79.0%

CVSS Severity

CVSS v2 Score 10.0

References

http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
http://secunia.com/advisories/59475
http://support.apple.com/kb/HT6296
http://www.securitytracker.com/id/1030505
http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
http://secunia.com/advisories/59475
http://support.apple.com/kb/HT6296
http://www.securitytracker.com/id/1030505

Products affected by CVE-2014-1381

Apple » Mac Os X » Version: 10.9

cpe:2.3:o:apple:mac_os_x:10.9
Apple » Mac Os X » Version: 10.9.1

cpe:2.3:o:apple:mac_os_x:10.9.1
Apple » Mac Os X » Version: 10.9.2

cpe:2.3:o:apple:mac_os_x:10.9.2
Apple » Mac Os X » Version: 10.9.3

cpe:2.3:o:apple:mac_os_x:10.9.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-1381

Products

Pricing

Contact Us