Apple Pages Double Free Memory Vulnerability
Last Update Date:
29 Jan 2014
Release Date:
27 Jan 2014
3943
Views
RISK: High Risk
TYPE: Clients - Productivity Products
A vulnerability was identified in Apple Pages. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted Microsoft Word file that, when loaded by the target user, will trigger a double-free memory error and execute arbitrary code on the target system. The code will run with the privileges of the target user.
Impact
- Remote Code Execution
System / Technologies affected
- Pages 5.x prior to 5.1 for OS X Mavericks v10.9 or later
- Pages 2.x prior to 2.1 for iOS 7 or later
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 5.1 for OS X Mavericks v10.9 or later
- Update to version 2.1 for iOS 7 or later
Vulnerability Identifier
Source
Related Link
Share with