CVE-2014-1317

Published: Jul 1, 2014Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.

Affected (4)

Products: Apple: Mac Os X

Apple

1 product

Mac Os X

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.9.1
Apple Mac Os X	Version 10.9.2
Apple Mac Os X	Version 10.9.3
Apple Mac Os X	Version 10.9

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html

Source: product-security@apple.com

http://secunia.com/advisories/59475

Source: product-security@apple.com

http://support.apple.com/kb/HT6296

Source: product-security@apple.com

http://www.securitytracker.com/id/1030505

Source: product-security@apple.com

http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/59475

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT6296

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030505

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.