SCAP release November 2014

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:21615	CVE-2014-6324,	Remote elevation of privilege vulnerability in Kerberos KDC in Microsoft Windows
oval:org.secpod.oval:def:21616	CVE-2014-6324, MS14-068,	Vulnerability in Kerberos could allow elevation of privilege – MS14-068
oval:org.secpod.oval:def:21605	CVE-2014-0586,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0586
oval:org.secpod.oval:def:21606	CVE-2014-0585,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0585
oval:org.secpod.oval:def:21607	CVE-2014-0584,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0584
oval:org.secpod.oval:def:21608	CVE-2014-0583,	Heap-based buffer overflow vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0583
oval:org.secpod.oval:def:21609	CVE-2014-0582,	Heap-based buffer overflow vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0582
oval:org.secpod.oval:def:21610	CVE-2014-0581,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0581
oval:org.secpod.oval:def:21611	CVE-2014-0577,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0577
oval:org.secpod.oval:def:21612	CVE-2014-0576,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0576
oval:org.secpod.oval:def:21613	CVE-2014-0574,	Double free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0574
oval:org.secpod.oval:def:21614	CVE-2014-0573,	Use-after-free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0573
oval:org.secpod.oval:def:21598	CVE-2014-8441,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8441
oval:org.secpod.oval:def:21597	CVE-2014-8442,	Privilege escalation vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8442
oval:org.secpod.oval:def:21596	APSB14-24, CVE-2014-0573, CVE-2014-0574, CVE-2014-0576, CVE-2014-0577, CVE-2014-0581, CVE-2014-0582, CVE-2014-0583, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0588, CVE-2014-0589, CVE-2014-0590, CVE-2014-8437, CVE-2014-8438, CVE-2014-8440, CVE-2014-8441, CVE-2014-8442,	Multiple vulnerabilities in Adobe Flash Player and Adobe AIR via unspecified vectors – APSB14-24
oval:org.secpod.oval:def:21599	CVE-2014-8440,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8440
oval:org.secpod.oval:def:21600	CVE-2014-8438,	Use-after-free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8438
oval:org.secpod.oval:def:21601	CVE-2014-8437,	Information disclosure vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8437
oval:org.secpod.oval:def:21602	CVE-2014-0590,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0590
oval:org.secpod.oval:def:21603	CVE-2014-0589,	Heap-based overflow vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0589
oval:org.secpod.oval:def:21604	CVE-2014-0588,	Use-after-free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0588
oval:org.secpod.oval:def:702283	CVE-2014-3657,CVE-2014-7823,USN-2404-1,	USN-2404-1 — libvirt vulnerabilities
oval:org.secpod.oval:def:702284	CVE-2014-3608,CVE-2014-7230,USN-2407-1,	USN-2407-1 — openstack nova vulnerabilities
oval:org.secpod.oval:def:702285	CVE-2014-3621,USN-2406-1,	USN-2406-1 — openstack keystone vulnerability
oval:org.secpod.oval:def:702286	CVE-2014-6414,USN-2408-1,	USN-2408-1 — openstack neutron vulnerability
oval:org.secpod.oval:def:702287	CVE-2014-8564,USN-2403-1,	USN-2403-1 — gnutls vulnerability
oval:org.secpod.oval:def:702288	CVE-2014-3615,CVE-2014-3640,CVE-2014-3689, CVE-2014-5263, CVE-2014-5388, CVE-2014-7815, USN-2409-1,	USN-2409-1 — qemu vulnerabilities
oval:org.secpod.oval:def:702289	CVE-2014-3641,CVE-2014-7230,USN-2405-1,	USN-2405-1 — openstack cinder vulnerabilities
oval:org.secpod.oval:def:107878	CVE-2014-3566,FEDORA-2014-14234,	FEDORA-2014-14234 — Fedora 20 claws-mail-3.11.1-2.fc20
oval:org.secpod.oval:def:107879	CVE-2013-4544,CVE-2014-0142,CVE-2014-0150, CVE-2014-0182, CVE-2014-0222, CVE-2014-0223, CVE-2014-2894, CVE-2014-3461, CVE-2014-3615, CVE-2014-3640, CVE-2014-3689, CVE-2014-7815, FEDORA-2014-14033,	FEDORA-2014-14033 — Fedora 20 qemu-1.6.2-10.fc20
oval:org.secpod.oval:def:107880	CVE-2014-3566,FEDORA-2014-14234,	FEDORA-2014-14234 — Fedora 20 claws-mail-plugins-3.11.1-1.fc20
oval:org.secpod.oval:def:107881	FEDORA-2014-13017,	FEDORA-2014-13017 — Fedora 19 zarafa-7.1.11-1.fc19
oval:org.secpod.oval:def:107882	CVE-2014-3566,FEDORA-2014-13781,	FEDORA-2014-13781 — Fedora 20 subscription-manager-1.13.6-1.fc20
oval:org.secpod.oval:def:107883	CVE-2014-8088,CVE-2014-8089,FEDORA-2014-14043,	FEDORA-2014-14043 — Fedora 19 php-ZendFramework2-2.2.8-2.fc19
oval:org.secpod.oval:def:107884	FEDORA-2014-13451,	FEDORA-2014-13451 — Fedora 19 webkitgtk3-2.0.4-4.fc19
oval:org.secpod.oval:def:107885	CVE-2014-3694,CVE-2014-3695,CVE-2014-3696, CVE-2014-3697, CVE-2014-3698, FEDORA-2014-14069,	FEDORA-2014-14069 — Fedora 20 pidgin-2.10.10-1.fc20
oval:org.secpod.oval:def:107886	CVE-2014-3686,FEDORA-2014-13778,	FEDORA-2014-13778 — Fedora 19 hostapd-2.0-5.fc19
oval:org.secpod.oval:def:107888	CVE-2014-3566,FEDORA-2014-13794,	FEDORA-2014-13794 — Fedora 19 python-rhsm-1.13.6-1.fc19
oval:org.secpod.oval:def:107890	CVE-2014-3566,FEDORA-2014-14234,	FEDORA-2014-14234 — Fedora 20 libetpan-1.6-1.fc20
oval:org.secpod.oval:def:107892	FEDORA-2014-12994,	FEDORA-2014-12994 — Fedora 19 firefox-33.0-1.fc19
oval:org.secpod.oval:def:107893	CVE-2014-3686,FEDORA-2014-13783,	FEDORA-2014-13783 — Fedora 20 hostapd-2.3-1.fc20
oval:org.secpod.oval:def:107894	CVE-2005-2090,CVE-2011-3389,CVE-2012-4929, CVE-2014-3566, FEDORA-2014-13764,	FEDORA-2014-13764 — Fedora 19 Pound-2.6-8.fc19
oval:org.secpod.oval:def:107896	CVE-2014-0015,CVE-2014-0138,CVE-2014-3613, CVE-2014-3620, CVE-2014-3707, FEDORA-2014-14354,	FEDORA-2014-14354 — Fedora 20 curl-7.32.0-15.fc20
oval:org.secpod.oval:def:107897	CVE-2014-4650,FEDORA-2014-14227,	FEDORA-2014-14227 — Fedora 20 python-2.7.5-15.fc20
oval:org.secpod.oval:def:107898	CVE-2014-3566,FEDORA-2014-13781,	FEDORA-2014-13781 — Fedora 20 python-rhsm-1.13.6-1.fc20
oval:org.secpod.oval:def:107899	CVE-2014-4616,CVE-2014-4650,FEDORA-2014-14245,	FEDORA-2014-14245 — Fedora 20 python3-3.3.2-18.fc20
oval:org.secpod.oval:def:107900	CVE-2013-4517,FEDORA-2014-13879,	FEDORA-2014-13879 — Fedora 20 xml-security-1.5.7-1.fc20
oval:org.secpod.oval:def:107902	FEDORA-2014-13753,	FEDORA-2014-13753 — Fedora 19 seamonkey-2.30-1.fc19
oval:org.secpod.oval:def:107903	CVE-2014-3623,FEDORA-2014-13720,	FEDORA-2014-13720 — Fedora 20 wss4j-1.6.17-1.fc20
oval:org.secpod.oval:def:107904	FEDORA-2014-12989,	FEDORA-2014-12989 — Fedora 20 zarafa-7.1.11-1.fc20
oval:org.secpod.oval:def:501448	CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055, RHSA-2014:1826-01,	RHSA-2014:1826-01 — Redhat libvncserver
oval:org.secpod.oval:def:501449	CVE-2014-8564, RHSA-2014:1846-01,	RHSA-2014:1846-01 — Redhat gnutls
oval:org.secpod.oval:def:501450	CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559, RHSA-2014:1859-01,	RHSA-2014:1859-01 — Redhat mysql55-mysql
oval:org.secpod.oval:def:501451	CVE-2014-6053, CVE-2014-6054, CVE-2014-6055, RHSA-2014:1827-01,	RHSA-2014:1827-01 — Redhat kdenetwork
oval:org.secpod.oval:def:501452	CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646, RHSA-2014:1843-01,	RHSA-2014:1843-01 — Redhat kernel, perf
oval:org.secpod.oval:def:501453	CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559, RHSA-2014:1861-01,	RHSA-2014:1861-01 — Redhat mariadb
oval:org.secpod.oval:def:1500795	CVE-2014-3181, CVE-2014-3185, CVE-2014-3535, CVE-2014-3611, ELSA-2014-3086,	ELSA-2014-3086 — Oracle kernel-uek_ofa_mlnx_en
oval:org.secpod.oval:def:1500796	CVE-2014-3181, CVE-2014-3185, CVE-2014-3535, CVE-2014-3611, ELSA-2014-3086,	ELSA-2014-3086 — Oracle kernel-uek_ofa_mlnx_en
oval:org.secpod.oval:def:1500797	CVE-2014-4337, CVE-2014-4338, ELSA-2014-1795,	ELSA-2014-1795 — Oracle cups-filters
oval:org.secpod.oval:def:203483	CESA-2014:1826, CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055,	CESA-2014:1826 — centos 6 libvncserver
oval:org.secpod.oval:def:203484	CESA-2014:1827, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055,	CESA-2014:1827 — centos 7 kdenetwork
oval:org.secpod.oval:def:203485	CESA-2014:1861, CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559,	CESA-2014:1861 — centos 7 mariadb
oval:org.secpod.oval:def:203486	CESA-2014:1859, CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559,	CESA-2014:1859 — centos 5 mysql55-mysql
oval:org.secpod.oval:def:203487	CESA-2014:1846, CVE-2014-8564,	CESA-2014:1846 — centos 7 gnutls
oval:org.secpod.oval:def:203488	CESA-2014:1843, CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646,	CESA-2014:1843 — centos 6 kernel,python-perf,perf
oval:org.secpod.oval:def:203489	CESA-2014:1826, CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055,	CESA-2014:1826 — centos 7 libvncserver
oval:org.secpod.oval:def:107905	CVE-2014-8651, FEDORA-2014-14813,	FEDORA-2014-14813 — Fedora 20 kde-workspace-4.11.14-1.fc20
oval:org.secpod.oval:def:107906	CVE-2014-8321, CVE-2014-8322, CVE-2014-8323, CVE-2014-8324, FEDORA-2014-14247,	FEDORA-2014-14247 — Fedora 20 aircrack-ng-1.2-0.3.rc1.fc20
oval:org.secpod.oval:def:107908	CVE-2014-8483, FEDORA-2014-13791,	FEDORA-2014-13791 — Fedora 20 konversation-1.5.1-1.fc20
oval:org.secpod.oval:def:107910	CVE-2014-3675, CVE-2014-3676, CVE-2014-3677, FEDORA-2014-14058,	FEDORA-2014-14058 — Fedora 20 mokutil-0.2.0-1.fc20
oval:org.secpod.oval:def:107912	CVE-2013-4238, CVE-2014-4616, CVE-2014-4650, FEDORA-2014-14257,	FEDORA-2014-14257 — Fedora 19 python3-3.3.2-10.fc19
oval:org.secpod.oval:def:107913	FEDORA-2014-12991,	FEDORA-2014-12991 — Fedora 20 deluge-1.3.10-1.fc20
oval:org.secpod.oval:def:107915	CVE-2005-2090, CVE-2011-3389, CVE-2012-4929, CVE-2014-3566, FEDORA-2014-13777,	FEDORA-2014-13777 — Fedora 20 Pound-2.6-8.fc20
oval:org.secpod.oval:def:107916	CVE-2013-0343, CVE-2013-1059, CVE-2013-2232, CVE-2013-2234, CVE-2013-2888, CVE-2013-2889, CVE-2013-2891, CVE-2013-2892, CVE-2013-2893, CVE-2013-2894, CVE-2013-2895, CVE-2013-2896, CVE-2013-2897, CVE-2013-2899, CVE-2013-4125, CVE-2013-4254, CVE-2013-4343, CVE-2013-4345, CVE-2013-4348, CVE-2013-4350, CVE-2013-4387, CVE-2013-4470, CVE-2013-4563, CVE-2013-4579, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6378, CVE-2013-6380, CVE-2013-6382, CVE-2013-6405, CVE-2014-0049, CVE-2014-0055, CVE-2014-0069, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101, CVE-2014-0102, CVE-2014-0131, CVE-2014-0155, CVE-2014-0206, CVE-2014-1438, CVE-2014-1446, CVE-2014-1737, CVE-2014-1738, CVE-2014-1874, CVE-2014-2039, CVE-2014-2309, CVE-2014-2523, CVE-2014-2568, CVE-2014-2580, CVE-2014-2678, CVE-2014-2851, CVE-2014-3122, CVE-2014-3144, CVE-2014-3145, CVE-2014-3153, CVE-2014-3181, CVE-2014-3186, CVE-2014-3534, CVE-2014-3610, CVE-2014-3611, CVE-2014-3631, CVE-2014-3646, CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-3690, CVE-2014-3917, CVE-2014-3940, CVE-2014-4014, CVE-2014-4171, CVE-2014-4508, CVE-2014-4699, CVE-2014-4715, CVE-2014-4943, CVE-2014-5045, CVE-2014-5077, CVE-2014-6410, CVE-2014-7970, CVE-2014-7975, CVE-2014-8369, FEDORA-2014-14068,	FEDORA-2014-14068 — Fedora 19 kernel-3.14.23-100.fc19
oval:org.secpod.oval:def:107917	CVE-2014-8517, FEDORA-2014-14113,	FEDORA-2014-14113 — Fedora 20 tnftp-20141031-1.fc20
oval:org.secpod.oval:def:107919	CVE-2014-3675, CVE-2014-3676, CVE-2014-3677, FEDORA-2014-14059,	FEDORA-2014-14059 — Fedora 19 mokutil-0.2.0-1.fc19
oval:org.secpod.oval:def:107920	CVE-2014-8321, CVE-2014-8322, CVE-2014-8323, CVE-2014-8324, FEDORA-2014-14233,	FEDORA-2014-14233 — Fedora 19 aircrack-ng-1.2-0.3.rc1.fc19
oval:org.secpod.oval:def:107921	CVE-2014-0092, CVE-2014-1959, CVE-2014-8564, FEDORA-2014-14760,	FEDORA-2014-14760 — Fedora 20 gnutls-3.1.28-1.fc20
oval:org.secpod.oval:def:107922	CVE-2014-8651, FEDORA-2014-14865,	FEDORA-2014-14865 — Fedora 19 kde-workspace-4.11.14-1.fc19
oval:org.secpod.oval:def:107923	CVE-2014-8483, FEDORA-2014-13702,	FEDORA-2014-13702 — Fedora 19 konversation-1.5.1-1.fc19
oval:org.secpod.oval:def:107924	CVE-2014-3675, CVE-2014-3676, CVE-2014-3677, FEDORA-2014-14059,	FEDORA-2014-14059 — Fedora 19 shim-signed-0.8-2
oval:org.secpod.oval:def:107925	CVE-2014-3675, CVE-2014-3676, CVE-2014-3677, FEDORA-2014-14058,	FEDORA-2014-14058 — Fedora 20 shim-signed-0.8-3
oval:org.secpod.oval:def:21626	CVE-2014-0586,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0586 (Mac OS X)
oval:org.secpod.oval:def:21627	CVE-2014-0585,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0585 (Mac OS X)
oval:org.secpod.oval:def:21628	CVE-2014-0584,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0584 (Mac OS X)
oval:org.secpod.oval:def:21629	CVE-2014-0583,	Heap-based buffer overflow vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0583 (Mac OS X)
oval:org.secpod.oval:def:21630	CVE-2014-0582,	Heap-based buffer overflow vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0582 (Mac OS X)
oval:org.secpod.oval:def:21631	CVE-2014-0581,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0581 (Mac OS X)
oval:org.secpod.oval:def:21632	CVE-2014-0577,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0577 (Mac OS X)
oval:org.secpod.oval:def:21633	CVE-2014-0576,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0576 (Mac OS X)
oval:org.secpod.oval:def:21634	CVE-2014-0574,	Double free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0574 (Mac OS X)
oval:org.secpod.oval:def:21635	CVE-2014-0573,	Use-after-free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0573 (Mac OS X)
oval:org.secpod.oval:def:21618	CVE-2014-8442,	Privilege escalation vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8442 (Mac OS X)
oval:org.secpod.oval:def:21617	APSB14-24, CVE-2014-0573, CVE-2014-0574, CVE-2014-0576, CVE-2014-0577, CVE-2014-0581, CVE-2014-0582, CVE-2014-0583, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0588, CVE-2014-0589, CVE-2014-0590, CVE-2014-8437, CVE-2014-8438, CVE-2014-8440, CVE-2014-8441, CVE-2014-8442,	Multiple vulnerabilities in Adobe Flash Player and Adobe AIR via unspecified vectors – APSB14-24 (Mac OS X)
oval:org.secpod.oval:def:21619	CVE-2014-8441,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8441 (Mac OS X)
oval:org.secpod.oval:def:21620	CVE-2014-8440,	Memory corruption vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8440 (Mac OS X)
oval:org.secpod.oval:def:21621	CVE-2014-8438,	Use-after-free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8438 (Mac OS X)
oval:org.secpod.oval:def:21622	CVE-2014-8437,	Information disclosure vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-8437 (Mac OS X)
oval:org.secpod.oval:def:21623	CVE-2014-0590,	Type confusion vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0590 (Mac OS X)
oval:org.secpod.oval:def:21624	CVE-2014-0589,	Heap-based overflow vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0589 (Mac OS X)
oval:org.secpod.oval:def:21625	CVE-2014-0588,	Use-after-free vulnerability in Adobe Flash Player and Adobe AIR via unspecified vectors – CVE-2014-0588 (Mac OS X)