Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
BID:69907
Info
Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
Bugtraq ID:
69907
Class:
Boundary Condition Error
CVE:
CVE-2014-1391
Remote:
Yes
Local:
No
Published:
Sep 17 2014 12:00AM
Updated:
Oct 29 2014 12:58AM
Credit:
Fernando Munoz working with iDefense VCP, Tom Gallagher & Paul Bates working with HP's Zero Day Initiative
Vulnerable:
Apple QuickTime Player 7.7.2
Apple QuickTime Player 7.7.1
Apple QuickTime Player 7.6.8
Apple QuickTime Player 7.6.7
Apple QuickTime Player 7.6.6 (1671)
Apple QuickTime Player 7.6.6
Apple QuickTime Player 7.6.5
Apple QuickTime Player 7.6.4
Apple QuickTime Player 7.6.2
Apple QuickTime Player 7.6.1
Apple QuickTime Player 7.5.5
+
Apple Mac OS X 10.4.9
+
Apple Mac OS X 10.3.9
+
Apple Mac OS X 10.5
+
Apple Mac OS X Server 10.4.9
+
Apple Mac OS X Server 10.3.9
+
Apple Mac OS X Server 10.5
Apple QuickTime Player 7.4.5
+
Apple Mac OS X 10.4.9
+
Apple Mac OS X 10.3.9
+
Apple Mac OS X 10.5
+
Apple Mac OS X Server 10.4.9
+
Apple Mac OS X Server 10.3.9
+
Apple Mac OS X Server 10.5
Apple QuickTime Player 7.4.1
Apple QuickTime Player 7.3.1 .70
Apple QuickTime Player 7.3.1
Apple QuickTime Player 7.1.6
Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 6.5.2
Apple QuickTime Player 6.5.1
Apple QuickTime Player 6.5
Apple QuickTime Player 6.1
Apple QuickTime Player 5.0.2
-
Apple Mac OS 9 9.2.2
-
Apple Mac OS 9 9.2.2
-
Apple Mac OS 9 9.2.1
-
Apple Mac OS 9 9.2.1
-
Apple Mac OS 9 9.2
-
Apple Mac OS 9 9.2
-
Apple Mac OS 9 9.1
-
Apple Mac OS 9 9.1
-
Apple Mac OS 9 9.0.4
-
Apple Mac OS 9 9.0.4
-
Apple Mac OS 9 9.0
-
Apple Mac OS 9 9.0
-
Apple Mac OS X 10.1.5
-
Apple Mac OS X 10.1.5
-
Apple Mac OS X 10.1.4
-
Apple Mac OS X 10.1.4
-
Apple Mac OS X 10.1.3
-
Apple Mac OS X 10.1.3
-
Apple Mac OS X 10.1.2
-
Apple Mac OS X 10.1.2
-
Apple Mac OS X 10.1.1
-
Apple Mac OS X 10.1.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.0.4
-
Apple Mac OS X 10.0.4
-
Apple Mac OS X 10.0.3
-
Apple Mac OS X 10.0.3
-
Apple Mac OS X 10.0.2
-
Apple Mac OS X 10.0.1
-
Apple Mac OS X 10.0.1
-
Apple Mac OS X 10.0
-
Apple Mac OS X 10.0
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP1
-
Microsoft Windows 2000 Professional SP1
-
Microsoft Windows 2000 Professional
-
Microsoft Windows 2000 Professional
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server
-
Microsoft Windows 2000 Server
-
Microsoft Windows 2000 Terminal Services SP2
-
Microsoft Windows 2000 Terminal Services SP2
-
Microsoft Windows 2000 Terminal Services SP1
-
Microsoft Windows 2000 Terminal Services SP1
-
Microsoft Windows 2000 Terminal Services
-
Microsoft Windows 2000 Terminal Services
-
Microsoft Windows 95 SR2
-
Microsoft Windows 95 SR2
-
Microsoft Windows 95
-
Microsoft Windows 95
-
Microsoft Windows 98
-
Microsoft Windows 98
-
Microsoft Windows 98SE
-
Microsoft Windows 98SE
-
Microsoft Windows ME
-
Microsoft Windows ME
-
Microsoft Windows NT Enterprise Server 4.0 SP6a
-
Microsoft Windows NT Enterprise Server 4.0 SP6a
-
Microsoft Windows NT Enterprise Server 4.0 SP6
-
Microsoft Windows NT Enterprise Server 4.0 SP6
-
Microsoft Windows NT Enterprise Server 4.0 SP5
-
Microsoft Windows NT Enterprise Server 4.0 SP5
-
Microsoft Windows NT Enterprise Server 4.0 SP4
-
Microsoft Windows NT Enterprise Server 4.0 SP4
-
Microsoft Windows NT Enterprise Server 4.0 SP3
-
Microsoft Windows NT Enterprise Server 4.0 SP3
-
Microsoft Windows NT Enterprise Server 4.0 SP2
-
Microsoft Windows NT Enterprise Server 4.0 SP2
-
Microsoft Windows NT Enterprise Server 4.0 SP1
-
Microsoft Windows NT Enterprise Server 4.0 SP1
-
Microsoft Windows NT Enterprise Server 4.0
-
Microsoft Windows NT Enterprise Server 4.0
-
Microsoft Windows NT Server 4.0 SP6a
-
Microsoft Windows NT Server 4.0 SP6a
-
Microsoft Windows NT Server 4.0 SP6
-
Microsoft Windows NT Server 4.0 SP6
-
Microsoft Windows NT Server 4.0 SP5
-
Microsoft Windows NT Server 4.0 SP5
-
Microsoft Windows NT Server 4.0 SP4
-
Microsoft Windows NT Server 4.0 SP4
-
Microsoft Windows NT Server 4.0 SP3
-
Microsoft Windows NT Server 4.0 SP3
-
Microsoft Windows NT Server 4.0 SP2
-
Microsoft Windows NT Server 4.0 SP2
-
Microsoft Windows NT Server 4.0 SP1
-
Microsoft Windows NT Server 4.0 SP1
-
Microsoft Windows NT Server 4.0
-
Microsoft Windows NT Server 4.0
-
Microsoft Windows NT Terminal Server 4.0 SP6a
-
Microsoft Windows NT Terminal Server 4.0 SP6
-
Microsoft Windows NT Terminal Server 4.0 SP6
-
Microsoft Windows NT Terminal Server 4.0 SP5
-
Microsoft Windows NT Terminal Server 4.0 SP5
-
Microsoft Windows NT Terminal Server 4.0 SP4
-
Microsoft Windows NT Terminal Server 4.0 SP4
-
Microsoft Windows NT Terminal Server 4.0 SP3
-
Microsoft Windows NT Terminal Server 4.0 SP3
-
Microsoft Windows NT Terminal Server 4.0 SP2
-
Microsoft Windows NT Terminal Server 4.0 SP2
-
Microsoft Windows NT Terminal Server 4.0 SP1
-
Microsoft Windows NT Terminal Server 4.0 SP1
-
Microsoft Windows NT Terminal Server 4.0
-
Microsoft Windows NT Terminal Server 4.0
-
Microsoft Windows NT Workstation 4.0 SP6a
-
Microsoft Windows NT Workstation 4.0 SP6a
-
Microsoft Windows NT Workstation 4.0 SP6
-
Microsoft Windows NT Workstation 4.0 SP6
-
Microsoft Windows NT Workstation 4.0 SP5
-
Microsoft Windows NT Workstation 4.0 SP5
-
Microsoft Windows NT Workstation 4.0 SP4
-
Microsoft Windows NT Workstation 4.0 SP4
-
Microsoft Windows NT Workstation 4.0 SP3
-
Microsoft Windows NT Workstation 4.0 SP3
-
Microsoft Windows NT Workstation 4.0 SP2
-
Microsoft Windows NT Workstation 4.0 SP2
-
Microsoft Windows NT Workstation 4.0 SP1
-
Microsoft Windows NT Workstation 4.0 SP1
-
Microsoft Windows NT Workstation 4.0
-
Microsoft Windows NT Workstation 4.0
Apple QuickTime Player 7.7
Apple QuickTime Player 7.64.17.73
Apple QuickTime Player 7.6.9
Apple QuickTime Player 7.6
Apple QuickTime Player 7.5
Apple QuickTime Player 7.4
Apple QuickTime Player 7.3
Apple QuickTime Player 7.2
Apple QuickTime Player 7.1
Apple QuickTime Player 6.4
-
Apple Mac OS 9 9.2.2
-
Apple Mac OS 9 9.2.1
-
Apple Mac OS 9 9.2
-
Apple Mac OS 9 9.1
-
Apple Mac OS 9 9.0.4
-
Apple Mac OS 9 9.0
-
Apple Mac OS X 10.1.5
-
Apple Mac OS X 10.1.4
-
Apple Mac OS X 10.1.3
-
Apple Mac OS X 10.1.2
-
Apple Mac OS X 10.1.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.0.4
-
Apple Mac OS X 10.0.3
-
Apple Mac OS X 10.0.2
-
Apple Mac OS X 10.0.1
-
Apple Mac OS X 10.0
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP1
-
Microsoft Windows 2000 Professional
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server
-
Microsoft Windows 2000 Terminal Services SP2
-
Microsoft Windows 2000 Terminal Services SP1
-
Microsoft Windows 2000 Terminal Services
-
Microsoft Windows 95 SR2
-
Microsoft Windows 95
-
Microsoft Windows 98
-
Microsoft Windows 98SE
-
Microsoft Windows ME
-
Microsoft Windows NT Enterprise Server 4.0 SP6a
-
Microsoft Windows NT Enterprise Server 4.0 SP6
-
Microsoft Windows NT Enterprise Server 4.0 SP5
-
Microsoft Windows NT Enterprise Server 4.0 SP4
-
Microsoft Windows NT Enterprise Server 4.0 SP3
-
Microsoft Windows NT Enterprise Server 4.0 SP2
-
Microsoft Windows NT Enterprise Server 4.0 SP1
-
Microsoft Windows NT Enterprise Server 4.0
-
Microsoft Windows NT Server 4.0 SP6a
-
Microsoft Windows NT Server 4.0 SP6
-
Microsoft Windows NT Server 4.0 SP5
-
Microsoft Windows NT Server 4.0 SP4
-
Microsoft Windows NT Server 4.0 SP3
-
Microsoft Windows NT Server 4.0 SP2
-
Microsoft Windows NT Server 4.0 SP1
-
Microsoft Windows NT Server 4.0
-
Microsoft Windows NT Terminal Server 4.0 SP6a
-
Microsoft Windows NT Terminal Server 4.0 SP6
-
Microsoft Windows NT Terminal Server 4.0 SP5
-
Microsoft Windows NT Terminal Server 4.0 SP4
-
Microsoft Windows NT Terminal Server 4.0 SP3
-
Microsoft Windows NT Terminal Server 4.0 SP2
-
Microsoft Windows NT Terminal Server 4.0 SP1
-
Microsoft Windows NT Terminal Server 4.0
-
Microsoft Windows NT Workstation 4.0 SP6a
-
Microsoft Windows NT Workstation 4.0 SP6
-
Microsoft Windows NT Workstation 4.0 SP5
-
Microsoft Windows NT Workstation 4.0 SP4
-
Microsoft Windows NT Workstation 4.0 SP3
-
Microsoft Windows NT Workstation 4.0 SP2
-
Microsoft Windows NT Workstation 4.0 SP1
-
Microsoft Windows NT Workstation 4.0
Apple QuickTime Player 6
-
Apple Mac OS 9 9.2.2
-
Apple Mac OS 9 9.2.2
-
Apple Mac OS 9 9.2.1
-
Apple Mac OS 9 9.2.1
-
Apple Mac OS 9 9.2
-
Apple Mac OS 9 9.2
-
Apple Mac OS 9 9.1
-
Apple Mac OS 9 9.1
-
Apple Mac OS 9 9.0.4
-
Apple Mac OS 9 9.0.4
-
Apple Mac OS 9 9.0
-
Apple Mac OS 9 9.0
-
Apple Mac OS X 10.1.5
-
Apple Mac OS X 10.1.4
-
Apple Mac OS X 10.1.4
-
Apple Mac OS X 10.1.3
-
Apple Mac OS X 10.1.3
-
Apple Mac OS X 10.1.2
-
Apple Mac OS X 10.1.2
-
Apple Mac OS X 10.1.1
-
Apple Mac OS X 10.1.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.1
-
Apple Mac OS X 10.0.4
-
Apple Mac OS X 10.0.4
-
Apple Mac OS X 10.0.3
-
Apple Mac OS X 10.0.3
-
Apple Mac OS X 10.0.2
-
Apple Mac OS X 10.0.2
-
Apple Mac OS X 10.0.1
-
Apple Mac OS X 10.0.1
-
Apple Mac OS X 10.0
-
Apple Mac OS X 10.0
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP1
-
Microsoft Windows 2000 Professional SP1
-
Microsoft Windows 2000 Professional
-
Microsoft Windows 2000 Professional
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server
-
Microsoft Windows 2000 Server
-
Microsoft Windows 2000 Terminal Services SP2
-
Microsoft Windows 2000 Terminal Services SP2
-
Microsoft Windows 2000 Terminal Services SP1
-
Microsoft Windows 2000 Terminal Services SP1
-
Microsoft Windows 2000 Terminal Services
-
Microsoft Windows 2000 Terminal Services
-
Microsoft Windows 95 SR2
-
Microsoft Windows 95 SR2
-
Microsoft Windows 95
-
Microsoft Windows 95
-
Microsoft Windows 98
-
Microsoft Windows 98
-
Microsoft Windows 98SE
-
Microsoft Windows 98SE
-
Microsoft Windows ME
-
Microsoft Windows ME
-
Microsoft Windows NT Enterprise Server 4.0 SP6a
-
Microsoft Windows NT Enterprise Server 4.0 SP6a
-
Microsoft Windows NT Enterprise Server 4.0 SP6
-
Microsoft Windows NT Enterprise Server 4.0 SP6
-
Microsoft Windows NT Enterprise Server 4.0 SP5
-
Microsoft Windows NT Enterprise Server 4.0 SP5
-
Microsoft Windows NT Enterprise Server 4.0 SP4
-
Microsoft Windows NT Enterprise Server 4.0 SP4
-
Microsoft Windows NT Enterprise Server 4.0 SP3
-
Microsoft Windows NT Enterprise Server 4.0 SP3
-
Microsoft Windows NT Enterprise Server 4.0 SP2
-
Microsoft Windows NT Enterprise Server 4.0 SP2
-
Microsoft Windows NT Enterprise Server 4.0 SP1
-
Microsoft Windows NT Enterprise Server 4.0 SP1
-
Microsoft Windows NT Enterprise Server 4.0
-
Microsoft Windows NT Enterprise Server 4.0
-
Microsoft Windows NT Server 4.0 SP6a
-
Microsoft Windows NT Server 4.0 SP6a
-
Microsoft Windows NT Server 4.0 SP6
-
Microsoft Windows NT Server 4.0 SP6
-
Microsoft Windows NT Server 4.0 SP5
-
Microsoft Windows NT Server 4.0 SP5
-
Microsoft Windows NT Server 4.0 SP4
-
Microsoft Windows NT Server 4.0 SP4
-
Microsoft Windows NT Server 4.0 SP3
-
Microsoft Windows NT Server 4.0 SP3
-
Microsoft Windows NT Server 4.0 SP2
-
Microsoft Windows NT Server 4.0 SP2
-
Microsoft Windows NT Server 4.0 SP1
-
Microsoft Windows NT Server 4.0 SP1
-
Microsoft Windows NT Server 4.0
-
Microsoft Windows NT Server 4.0
-
Microsoft Windows NT Terminal Server 4.0 SP6a
-
Microsoft Windows NT Terminal Server 4.0 SP6
-
Microsoft Windows NT Terminal Server 4.0 SP6
-
Microsoft Windows NT Terminal Server 4.0 SP5
-
Microsoft Windows NT Terminal Server 4.0 SP5
-
Microsoft Windows NT Terminal Server 4.0 SP4
-
Microsoft Windows NT Terminal Server 4.0 SP4
-
Microsoft Windows NT Terminal Server 4.0 SP3
-
Microsoft Windows NT Terminal Server 4.0 SP3
-
Microsoft Windows NT Terminal Server 4.0 SP2
-
Microsoft Windows NT Terminal Server 4.0 SP2
-
Microsoft Windows NT Terminal Server 4.0 SP1
-
Microsoft Windows NT Terminal Server 4.0 SP1
-
Microsoft Windows NT Terminal Server 4.0
-
Microsoft Windows NT Terminal Server 4.0
-
Microsoft Windows NT Workstation 4.0 SP6a
-
Microsoft Windows NT Workstation 4.0 SP6a
-
Microsoft Windows NT Workstation 4.0 SP6
-
Microsoft Windows NT Workstation 4.0 SP6
-
Microsoft Windows NT Workstation 4.0 SP5
-
Microsoft Windows NT Workstation 4.0 SP5
-
Microsoft Windows NT Workstation 4.0 SP4
-
Microsoft Windows NT Workstation 4.0 SP4
-
Microsoft Windows NT Workstation 4.0 SP3
-
Microsoft Windows NT Workstation 4.0 SP3
-
Microsoft Windows NT Workstation 4.0 SP2
-
Microsoft Windows NT Workstation 4.0 SP2
-
Microsoft Windows NT Workstation 4.0 SP1
-
Microsoft Windows NT Workstation 4.0 SP1
-
Microsoft Windows NT Workstation 4.0
-
Microsoft Windows NT Workstation 4.0
Apple Quicktime 7.6
Apple Quicktime 7.3.4
Apple Quicktime 7.2
Apple Quicktime 7
Not Vulnerable:
Discussion
Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
Apple Mac OS X is prone to a memory-corruption vulnerability because it fails to perform adequate bounds checks on user-supplied input.
Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.
Exploit / POC
Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability