Arbitrary Code Execution and Denial of Service Vulnerability in Apple OS X's Byte-Swapping Implementation

Arbitrary Code Execution and Denial of Service Vulnerability in Apple OS X's Byte-Swapping Implementation

CVE-2014-1370 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.

Learn more about our Web Application Penetration Testing UK.