CVE-2014-1315

MEDIUM

Description

Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL.

References

http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html

Details

Source: MITRE

Published: 2014-04-23

Updated: 2014-04-23

Type: CWE-134

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM