CVE-2014-8835

The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*

Information

Published : 2015-01-30 03:59

Updated : 2017-09-07 18:29


NVD link : CVE-2014-8835

Mitre link : CVE-2014-8835


JSON object : View

CWE
CWE-19

Data Processing Errors

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x