ID CVE-2014-1300
Summary Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 08-12-2016 - 03:04)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
apple
  • APPLE-SA-2014-04-01-1
  • APPLE-SA-2014-04-22-2
  • APPLE-SA-2014-04-22-3
confirm https://support.apple.com/kb/HT6537
misc
Last major update 08-12-2016 - 03:04
Published 26-03-2014 - 14:55
Back to Top