CVE-2014-1315
Apple OS X 10.9.x-10.9.2 - Remote Code Execution via Format String Specifiers in URL
Title source: llmDescription
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL.
References (1)
Core 1
Core References
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html
Scores
EPSS
0.0184
EPSS Percentile
76.2%
Details
CWE
CWE-134
Status
published
Products (3)
apple/mac_os_x
10.9
apple/mac_os_x
10.9.1
apple/mac_os_x
10.9.2
Published
Apr 23, 2014
Tracked Since
Feb 18, 2026