CVE-2014-1255 Information

Description

Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.

Reference

http://support.apple.com/kb/HT6150