CVE-2014-1372

{"id": "CVE-2014-1372", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-07-01T10:17:27.220", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html", "source": "product-security@apple.com"}, {"url": "http://secunia.com/advisories/59475", "source": "product-security@apple.com"}, {"url": "http://support.apple.com/kb/HT6296", "source": "product-security@apple.com"}, {"url": "http://www.securitytracker.com/id/1030505", "source": "product-security@apple.com"}, {"url": "https://code.google.com/p/google-security-research/issues/detail?id=18", "tags": ["Exploit"], "source": "product-security@apple.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call."}, {"lang": "es", "value": "Graphics Driver en Apple OS X anterior a 10.9.4 no restringe debidamente operaciones de lectura durante el procesamiento de una llamada del sistema no especificada, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel y evadir el mecanismo de protecci\u00f3n ASLR a trav\u00e9s de una llamada manipulada."}], "lastModified": "2015-11-20T16:10:19.243", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EB864BA-7FED-47E3-9391-B89598594AF8", "versionEndIncluding": "10.9.3"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2082D62-3821-4DBA-8690-67489F44C38D"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F0DB1BC-DC16-423E-B0C7-8E9C996A50B5"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E59315BA-B9F1-46A5-86E7-8BE2ED97BA4F"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55841123-F78F-42E0-8D40-C688C4B4D29C"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "252640D3-5CB8-4C3D-9E8B-ED452293C805"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3D30B4B-DA63-40B0-B0C9-F3992CF25706"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.5:supplemental_update:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F1DAD30-BA77-40C2-9245-05DF871FDDC0"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A48A5310-A589-4E9B-99BC-F840CC1A6A44"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F241EBFB-CCB3-4D16-B476-AC1578D3C435"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AEAD650-87D1-49BB-A8C7-BA39FD47285C"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}