CVE-2014-1380 Information

Description

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers which allows physically proximate attackers to bypass the screen-lock protection mechanism and enter characters into an arbitrary window under the lock window via keyboard input.

Reference

http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html http://support.apple.com/kb/HT6296 http://www.securitytracker.com/id/1030505