Bypassing App Sandbox Protection in Apple OS X through Apple Type Services (ATS) Vulnerability

Bypassing App Sandbox Protection in Apple OS X through Apple Type Services (ATS) Vulnerability

CVE-2014-1255 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.

Learn more about our Web Application Penetration Testing UK.