CVE-2014-8817 Information

Description

coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages which allows attackers to execute arbitrary code in a privileged context via a crafted app as demonstrated by lack of verification of xpc_dictionary_get_value API return values during handling of a (1) match_mmap_archives (2) delete_mmap_archives (3) write_mmap_archive or (4) read_mmap_archive command.

Reference

http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securitytracker.com/id/1031650 https://code.google.com/p/google-security-research/issues/detail?id=80 https://exchange.xforce.ibmcloud.com/vulnerabilities/100496