Apple Pages < 2.1 / 5.1 Microsoft Word Document Handling Double Free Arbitrary Code Execution

Medium Nessus Plugin ID 72281


An application on the remote host could allow arbitrary code execution.


According to its self-reported version number, the Apple Pages install on the remote Mac OS X host reportedly has a double-free issue in its handling of Microsoft Word documents that could lead to unexpected program termination or arbitrary code execution.


Upgrade to Apple Pages 2.1 / 5.1 or later.

See Also

Plugin Details

Severity: Medium

ID: 72281

File Name: macosx_pages_5_1.nasl

Version: $Revision: 1.1 $

Type: local

Agent: macosx

Published: 2014/02/04

Modified: 2014/02/04

Dependencies: 72280

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:apple:pages

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, MacOSX/Pages/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/01/23

Vulnerability Publication Date: 2014/01/23

Reference Information

CVE: CVE-2014-1252

BID: 65113

OSVDB: 102460

APPLE-SA: APPLE-SA-2014-01-23-1