Vulnerability Details CVE-2014-4403
The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.8%
CVSS Severity
CVSS v2 Score 2.1
References
- http://support.apple.com/kb/HT6443
- http://www.securityfocus.com/bid/69910
- http://www.securitytracker.com/id/1030868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96064
- http://support.apple.com/kb/HT6443
- http://www.securityfocus.com/bid/69910
- http://www.securitytracker.com/id/1030868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96064
Products affected by CVE-2014-4403
-
cpe:2.3:o:apple:mac_os_x:10.9
-
cpe:2.3:o:apple:mac_os_x:10.9.1
-
cpe:2.3:o:apple:mac_os_x:10.9.2
-
cpe:2.3:o:apple:mac_os_x:10.9.3
-
cpe:2.3:o:apple:mac_os_x:10.9.4