CVE-2014-1380

Severity

26%

Complexity

19%

Confidentiality

81%

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.

CVSS 2.0 Base Score 2.6. CVSS Attack Vector: local. CVSS Attack Complexity: high. CVSS Vector: (AV:L/AC:H/Au:N/C:P/I:P/A:N).

Overview

First reported 10 years ago

2014-07-01 10:17:00

Last updated 9 years ago

2015-12-22 18:56:00

Affected Software

Apple Mac OS X 10.9

10.9

Apple Mac OS X 10.9.1 (Mavericks)

10.9.1

Apple Mac OS X 10.9.2

10.9.2

Apple Mac OS X 10.9.3

10.9.3

References

APPLE-SA-2014-06-30-2

http://support.apple.com/kb/HT6296

1030505

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.