CVE-2014-1252

Published Jan 24, 2014

Last updated 7 years ago

Overview

Description: Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file.
Source: product-security@apple.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-415

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:pages:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89533ECC-3866-400C-A3E0-3A46E5C850A5"
          },
          {
            "criteria": "cpe:2.3:a:apple:pages:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCBFCCB1-7621-4670-9C88-84021E472694"
          },
          {
            "criteria": "cpe:2.3:a:apple:pages:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD2BEDE7-0805-4124-B1C8-55D1CD406B62"
          },
          {
            "criteria": "cpe:2.3:a:apple:pages:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3204B1BD-5E90-46C1-9CDD-E4F71ED21090"
          },
          {
            "criteria": "cpe:2.3:a:apple:pages:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A49033F-9608-4F5C-9CF3-5EE525BAB88C"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8303A91-5C8F-4709-83D6-3D211F9C57EE",
            "versionEndIncluding": "10.9.1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F18A638-28CD-4D5C-86EB-74CE423FBE62",
            "versionEndIncluding": "7.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References