CVE-2014-8835
Public Exploits 1
ExploitDB · 1 EDB-35742 [local]
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2014-8835
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apple Mac OS X 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apple Mac OS X是美国苹果(Apple)公司的为Mac计算机所开发的一套专用操作系统。 Apple Mac OS X 10.10.2之前版本的libxpc中的‘xpc_data_get_bytes’函数存在安全漏洞,该漏洞源于程序没有验证目录属性键中已存在的xpc_data数据类型。攻击者可通过提供特制的目录利用该漏洞执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2014-8835
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2014-8835
请登录查看更多情报信息。
Vendor Advisories for CVE-2014-8835 (4)
- http://support.apple.com/HT204244x_refsource_CONFIRM
Exploits & Public PoCs for CVE-2014-8835 (2)
Mailing List Discussions for CVE-2014-8835 (1)
- http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.htmlvendor-advisoryx_refsource_APPLE
Other References for CVE-2014-8835 (1)
Same Patch Batch · n/a · 2015-01-30 · 47 CVEs total
| CVE-2014-8828 | Apple Mac OS X Sandbox 安全漏洞 | |
| CVE-2014-8831 | Apple Mac OS X security_taskgate 安全漏洞 | |
| CVE-2014-8833 | Apple Mac OS X SpotlightIndex 安全漏洞漏洞 | |
| CVE-2014-8837 | Apple Mac OS X Bluetooth驱动程序代码执行漏洞 | |
| CVE-2014-8838 | Apple Mac OS X Security组件权限许可和访问控制漏洞 | |
| CVE-2014-8839 | Apple Mac OS X Spotlight 信息泄露漏洞 | |
| CVE-2014-8840 | Apple iOS iTunes Store组件加密问题漏洞 | |
| CVE-2014-9161 | Adobe Reader和Acrobat 拒绝服务漏洞 | |
| CVE-2014-8836 | Apple Mac OS X Bluetooth驱动程序安全漏洞 | |
| CVE-2014-8829 | Apple Mac OS X SceneKit 安全漏洞 | |
| CVE-2014-8830 | Apple Mac OS X SceneKit框架基于堆的缓冲区溢出漏洞 | |
| CVE-2014-8827 | Apple Mac OS X LoginWindow 安全绕过漏洞 | |
| CVE-2014-8826 | Apple Mac OS X LaunchServices 安权限许可和访问控制问题漏洞 | |
| CVE-2014-8825 | Apple Mac OS X kernel 安全漏洞 | |
| CVE-2014-8824 | Apple Mac OS X kernel 代码执行漏洞 | |
| CVE-2014-8823 | Apple Mac OS X IOUSBFamily 安全漏洞 | |
| CVE-2014-8822 | Apple Mac OS X 任意代码执行漏洞 | |
| CVE-2014-8821 | Apple Mac OS X Intel Graphics Driver 安全漏洞 | |
| CVE-2014-8820 | Apple Mac OS X Intel Graphics Driver 任意代码执行漏洞 | |
| CVE-2014-8819 | Apple Mac OS X Intel Graphics Driver 权限许可和访问控制漏洞 |
Showing top 20 of 47 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9604
JeecgBoot AiragModelController access control - CVE-2026-9581
JeecgBoot add access control - CVE-2026-9580
JeecgBoot selectDepart LoginController.selectDepart access c - CVE-2026-9579
JeecgBoot SysUser userEdit user.getUsername access control - CVE-2026-9572
GPAC MP4Box media.c Media_GetSample memory leak
V. Comments for CVE-2014-8835
No comments yet