Skip to main content

Apple Pages Double Free Memory Vulnerability

Last Update Date: 29 Jan 2014 Release Date: 27 Jan 2014 3943 Views

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability was identified in Apple Pages. A remote user can cause arbitrary code to be executed on the target user's system.

 

A remote user can create a specially crafted Microsoft Word file that, when loaded by the target user, will trigger a double-free memory error and execute arbitrary code on the target system. The code will run with the privileges of the target user.


Impact

  • Remote Code Execution

System / Technologies affected

  • Pages 5.x prior to 5.1  for OS X Mavericks v10.9 or later
  • Pages 2.x prior to 2.1 for iOS 7 or later

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 5.1 for OS X Mavericks v10.9 or later
  • Update to version 2.1 for iOS 7 or later

Vulnerability Identifier


Source


Related Link