Apple Mac OS X Server Code Execution Vulnerability (CVE-2014-4394)
Release date:
Updated on:
Affected Systems:
Apple Mac OS X <10.9.5
Description:
Bugtraq id: 69891
CVE (CAN) ID: CVE-2014-4394
OS x (formerly Mac OS X) is the latest version of Apple's exclusive operating system developed for Mac tower computers.
In Intel Graphics Driver subsystem earlier than Apple OS X 10.9.5, the integrated Graphics Driver routine does not correctly verify the call. Attackers can exploit this vulnerability to execute arbitrary code through constructed applications.
<* Source: Ian Beer
Link: https://www.apple.com/support/security/pgp/
*>
Suggestion:
Vendor patch:
Apple
-----
Apple has released a Security Bulletin (APPLE-SA-2014-09-17-5) and patches for this:
APPLE-SA-2014-09-17-5: OS X Server 3.2.1
Link: https://www.apple.com/support/security/pgp/
This article permanently updates the link address: