CVE-2014-1370

Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.9.4

Description The issue concerns the byte-swapping implementation in the copyfile function, which allows remote attackers to execute arbitrary code or cause a denial of service. This can be achieved by using a crafted AppleDouble file in a ZIP archive, leading to out-of-bounds memory access and potentially causing the application to crash.

Recommendations For Apple OS X versions prior to 10.9.4, update to version 10.9.4 or later to resolve the issue.