CVE-2014-9862CVE-2014-9862

Affected configuration(s):

cpe:/o:apple:mac_os_x:10.11.5

Date published: 2016-07-21T22:59:00.127-04:00

Date last modified: 2017-08-31T21:29:00.317-04:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

Summary: Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.