CVE-2014-1255

Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.9.2

Description The issue concerns the Apple Type Services (ATS) in Apple OS X, where it fails to properly validate calls to the free function. This allows attackers to bypass the App Sandbox protection mechanism by sending crafted Mach messages.

Recommendations For versions prior to 10.9.2, update to version 10.9.2 or later to resolve the issue.