cvelistv5 - cve-2014-1312

CVE-2014-1312 (GCVE-0-2014-1312)

Vulnerability from cvelistv5

Published

2014-04-02 15:00

Modified

2024-08-06 09:34

Severity ?

CWE

Summary

References

URL

Tags

	product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
	product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
	product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
	product-security@apple.com	https://support.apple.com/kb/HT6537
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
	af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT6537

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:34:41.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2014-04-22-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "name": "APPLE-SA-2014-04-22-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
          },
          {
            "name": "APPLE-SA-2014-04-01-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2014-04-22-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "name": "APPLE-SA-2014-04-22-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
        },
        {
          "name": "APPLE-SA-2014-04-01-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2014-1312",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2014-04-22-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "APPLE-SA-2014-04-22-3",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
            },
            {
              "name": "APPLE-SA-2014-04-01-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2014-1312",
    "datePublished": "2014-04-02T15:00:00",
    "dateReserved": "2014-01-08T00:00:00",
    "dateUpdated": "2024-08-06T09:34:41.109Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-1312\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2014-04-02T16:17:07.167\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.\"},{\"lang\":\"es\",\"value\":\"WebKit, utilizado en Apple Safari anterior a 6.1.3 y 7.x anterior a 7.0.3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit listados en APPLE-SA-2014-04-01-1.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.1.2\",\"matchCriteriaId\":\"54197A85-706B-4EF1-A426-5A38C22CCBE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BA4B009-6BF2-4174-A05C-77B75C45377C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"136A760D-2873-4216-AB60-E3D93DE82BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF3DFE0-2587-4E91-ACC2-45E9B51EF4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"076B9C00-EFB0-4284-A617-FAEE341F80FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8851ED07-715F-4F6A-AE29-FA95D069F972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65EBA204-5E12-429A-9414-400CBAA0BA89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A600193-92E3-4A31-824D-94BC87E513B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74543772-8C0C-4055-BC1E-D7EAA8A55B51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"391B4255-4434-4EB3-929B-3E593D9CD249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40B87D10-55B3-42E7-8FF6-93EDF003337D\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/kb/HT6537\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT6537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-w68c-rhw3-7qjv

Vulnerability from github

Published

2022-05-17 03:23

Modified

2022-05-17 03:23

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-1312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-04-02T16:17:00Z",
    "severity": "MODERATE"
  },
  "details": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.",
  "id": "GHSA-w68c-rhw3-7qjv",
  "modified": "2022-05-17T03:23:00Z",
  "published": "2022-05-17T03:23:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1312"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT6537"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple TV 6.1.1
Apple	N/A	Apple OS X Lion versions 10.7.5 et antérieures
Apple	N/A	Apple iOS 7.1.1
Apple	N/A	Apple OS X Lion Server versions 10.7.5 et antérieures
Apple	N/A	Apple OS X Mountain Lion versions 10.8.5 et antérieures
Apple	N/A	Apple AirPort Base Station Firmware Update 7.7.3
Apple	N/A	Apple OS X Mountain Lion Server versions 10.8.5 et antérieures
Apple	N/A	Apple OS X Mavericks versions 10.9.2 et antérieures

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6209 du 22 avril 2014	None	vendor-advisory
Bulletin de sécurité Apple HT6207 du 22 avril 2014	None	vendor-advisory
Bulletin de sécurité Apple HT6203 du 22 avril 2014	None	vendor-advisory
Bulletin de sécurité Apple HT6208 du 22 avril 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple TV 6.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Lion versions 10.7.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple iOS 7.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Lion Server versions 10.7.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Mountain Lion versions 10.8.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple AirPort Base Station Firmware Update 7.7.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Mountain Lion Server versions 10.8.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple OS X Mavericks versions 10.9.2 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-1320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1320"
    },
    {
      "name": "CVE-2014-1312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1312"
    },
    {
      "name": "CVE-2013-4164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4164"
    },
    {
      "name": "CVE-2014-1298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1298"
    },
    {
      "name": "CVE-2014-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0160"
    },
    {
      "name": "CVE-2014-1313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1313"
    },
    {
      "name": "CVE-2013-6393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6393"
    },
    {
      "name": "CVE-2014-1296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1296"
    },
    {
      "name": "CVE-2014-1302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1302"
    },
    {
      "name": "CVE-2013-5170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5170"
    },
    {
      "name": "CVE-2014-1304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1304"
    },
    {
      "name": "CVE-2014-1311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1311"
    },
    {
      "name": "CVE-2014-1300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1300"
    },
    {
      "name": "CVE-2014-1305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1305"
    },
    {
      "name": "CVE-2014-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1713"
    },
    {
      "name": "CVE-2014-1307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1307"
    },
    {
      "name": "CVE-2014-1314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1314"
    },
    {
      "name": "CVE-2014-1299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1299"
    },
    {
      "name": "CVE-2014-1295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1295"
    },
    {
      "name": "CVE-2014-1322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1322"
    },
    {
      "name": "CVE-2014-1319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1319"
    },
    {
      "name": "CVE-2014-1318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1318"
    },
    {
      "name": "CVE-2014-1310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1310"
    },
    {
      "name": "CVE-2014-1321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1321"
    },
    {
      "name": "CVE-2014-1303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1303"
    },
    {
      "name": "CVE-2014-1309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1309"
    },
    {
      "name": "CVE-2014-1316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1316"
    },
    {
      "name": "CVE-2014-1308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1308"
    },
    {
      "name": "CVE-2013-2871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2871"
    },
    {
      "name": "CVE-2014-1315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1315"
    }
  ],
  "initial_release_date": "2014-04-23T00:00:00",
  "last_revision_date": "2014-04-23T00:00:00",
  "links": [],
  "reference": "CERTFR-2014-AVI-201",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-04-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6209 du 22 avril 2014",
      "url": "http://support.apple.com/kb/HT6209"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6207 du 22 avril 2014",
      "url": "http://support.apple.com/kb/HT6207"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6203 du 22 avril 2014",
      "url": "http://support.apple.com/kb/HT6203"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6208 du 22 avril 2014",
      "url": "http://support.apple.com/kb/HT6208"
    }
  ]
}

CERTFR-2014-AVI-155

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Apple Safari. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	Safari	versions antérieures à Safari 7.0.3
	Apple	Safari	Versions antérieures à Safari 6.1.3

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6181 du 01 avril 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "versions ant\u00e9rieures \u00e0 Safari 7.0.3",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Versions ant\u00e9rieures \u00e0 Safari 6.1.3",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-1312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1312"
    },
    {
      "name": "CVE-2013-6625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6625"
    },
    {
      "name": "CVE-2014-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1293"
    },
    {
      "name": "CVE-2014-1298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1298"
    },
    {
      "name": "CVE-2014-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1290"
    },
    {
      "name": "CVE-2014-1313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1313"
    },
    {
      "name": "CVE-2014-1301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1301"
    },
    {
      "name": "CVE-2014-1302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1302"
    },
    {
      "name": "CVE-2014-1304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1304"
    },
    {
      "name": "CVE-2013-2928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2928"
    },
    {
      "name": "CVE-2014-1311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1311"
    },
    {
      "name": "CVE-2014-1300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1300"
    },
    {
      "name": "CVE-2014-1305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1305"
    },
    {
      "name": "CVE-2014-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1713"
    },
    {
      "name": "CVE-2013-2926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2926"
    },
    {
      "name": "CVE-2014-1307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1307"
    },
    {
      "name": "CVE-2014-1299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1299"
    },
    {
      "name": "CVE-2014-1297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1297"
    },
    {
      "name": "CVE-2014-1310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1310"
    },
    {
      "name": "CVE-2014-1294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1294"
    },
    {
      "name": "CVE-2014-1289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1289"
    },
    {
      "name": "CVE-2014-1291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1291"
    },
    {
      "name": "CVE-2014-1303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1303"
    },
    {
      "name": "CVE-2014-1309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1309"
    },
    {
      "name": "CVE-2014-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1292"
    },
    {
      "name": "CVE-2014-1308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1308"
    },
    {
      "name": "CVE-2013-2871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2871"
    }
  ],
  "initial_release_date": "2014-04-02T00:00:00",
  "last_revision_date": "2014-04-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2014-AVI-155",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-04-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple Safari\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de\nservice \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6181 du 01 avril 2014",
      "url": "http://support.apple.com/kb/HT6181"
    }
  ]
}

fkie_cve-2014-1312

Vulnerability from fkie_nvd

Published

2014-04-02 16:17

Modified

2025-04-12 10:46

Severity ?

Summary

References

	URL	Tags
	product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
	product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
	product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
	product-security@apple.com	https://support.apple.com/kb/HT6537
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
	af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT6537

Impacted products

Vendor	Product	Version
apple	safari	*
apple	safari	6.0
apple	safari	6.0.1
apple	safari	6.0.2
apple	safari	6.0.3
apple	safari	6.0.4
apple	safari	6.0.5
apple	safari	6.1
apple	safari	6.1.1
apple	safari	7.0
apple	safari	7.0.1
apple	safari	7.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54197A85-706B-4EF1-A426-5A38C22CCBE2",
              "versionEndIncluding": "6.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BA4B009-6BF2-4174-A05C-77B75C45377C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "136A760D-2873-4216-AB60-E3D93DE82BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFF3DFE0-2587-4E91-ACC2-45E9B51EF4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "076B9C00-EFB0-4284-A617-FAEE341F80FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8851ED07-715F-4F6A-AE29-FA95D069F972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "65EBA204-5E12-429A-9414-400CBAA0BA89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A600193-92E3-4A31-824D-94BC87E513B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74543772-8C0C-4055-BC1E-D7EAA8A55B51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391B4255-4434-4EB3-929B-3E593D9CD249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40B87D10-55B3-42E7-8FF6-93EDF003337D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1."
    },
    {
      "lang": "es",
      "value": "WebKit, utilizado en Apple Safari anterior a 6.1.3 y 7.x anterior a 7.0.3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit listados en APPLE-SA-2014-04-01-1."
    }
  ],
  "id": "CVE-2014-1312",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-04-02T16:17:07.167",
  "references": [
    {
      "source": "product-security@apple.com",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://support.apple.com/kb/HT6537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/kb/HT6537"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-201404-0205

Vulnerability from variot

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. CVE-ID CVE-2014-1297 : Ian Beer of Google Project Zero

For OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3 and Safari 6.1.3 may be obtained from Mac App Store.

For OS X Lion systems Safari 6.1.3 is available via the Apple Software Update application. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2014-04-22-2 iOS 7.1.1

iOS 7.1.1 is now available and addresses the following:

CFNetwork HTTPProtocol Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position can obtain web site credentials Description: Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie. This issue was addressed by ignoring incomplete HTTP header lines. CVE-ID CVE-2014-1296 : Antoine Delignat-Lavaud of Prosecco at Inria Paris

IOKit Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization Description: A set of kernel pointers stored in an IOKit object could be retrieved from userland. This issue was addressed through removing the pointers from the object. CVE-ID CVE-2014-1320 : Ian Beer of Google Project Zero working with HP's Zero Day Initiative

Security - Secure Transport Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may capture data or change the operations performed in sessions protected by SSL Description: In a 'triple handshake' attack, it was possible for an attacker to establish two connections which had the same encryption keys and handshake, insert the attacker's data in one connection, and renegotiate so that the connections may be forwarded to each other. To prevent attacks based on this scenario, Secure Transport was changed so that, by default, a renegotiation must present the same server certificate as was presented in the original connection. CVE-ID CVE-2014-1295 : Antoine Delignat-Lavaud, Karthikeyan Bhargavan and Alfredo Pironti of Prosecco at Inria Paris

WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2013-2871 : miaubiz CVE-2014-1298 : Google Chrome Security Team CVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of University of Szeged / Samsung Electronics CVE-2014-1300 : Ian Beer of Google Project Zero working with HP's Zero Day Initiative CVE-2014-1302 : Google Chrome Security Team, Apple CVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative CVE-2014-1304 : Apple CVE-2014-1305 : Apple CVE-2014-1307 : Google Chrome Security Team CVE-2014-1308 : Google Chrome Security Team CVE-2014-1309 : cloudfuzzer CVE-2014-1310 : Google Chrome Security Team CVE-2014-1311 : Google Chrome Security Team CVE-2014-1312 : Google Chrome Security Team CVE-2014-1313 : Google Chrome Security Team CVE-2014-1713 : VUPEN working with HP's Zero Day Initiative

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

Navigate to Settings
Select General
Select About. The version after applying this update will be "7.1.1".

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTVet5AAoJEPefwLHPlZEwx3YP/iL/NwYn7T1q1ezvAVHQ6T3F 9X+ylJYZ+Ago+ij0wdzlDNJfVLPPbWde3biss6p10zDtLHHJK1jOQJLcZOBHtABG 7+OjIxFw5ZZCmWfOkF/GkfL/kBZllN0GuDCb7v4DVUf6GQPtWBsszQ9pre9Peotx TZOHxpPd2TBdz1GkLoFSd4I2yXIT5uIkRfvv9vgDXeNihDMlrJdq8ZBSlfKt+eXT kQ3+hGW2knT7np3BdWPQgqo9+YIfcAXN4Rnj0rPXVzzeKwpUrVjLwJgivecwhB7w mF+AWfH5oajw+ANzMeFm/DirlAADcM5LgdxtHnXH2Xh1NV5tOCSnaYWyFK4Nadex rVEWTOW4VxSb881dOikwY182kBlpaMjVgpvb04GA5zMAW+MtS7o4hj/H6ywGe7zm t7ZdyAo7i3QRFwBGEcJw1KjyTWnP1ILuBC9dekek+3DmxRAeQuBsrbPz2cxXPf9V jlvnxwiRzc/VqgAIyhCtgj0S3sEAMxnVXYSrbZpTpi1ZifiTriyyX291mS8xZBcF LZaNUzusQnEkyE+iGODKi+OPvgUnACIK8gWjMIDbwX99Fmd3LXU1fTpvdlkeuDBS LKBvZQs0JyYqOxkhU7PsRI6WN1F2nQHuMnb0mlFruejTrRbgyHxvMK6lpVP0nMoK Av6eIuVxA8q9Lm6TCh+h =ilSw -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0205",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "6.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "6.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "6.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "6.1.1"
      },
      {
        "model": "safari",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.1.2"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(windows)"
      },
      {
        "model": "tv",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(apple tv first  2 after generation )"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1.1"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(ipad 2 or later )"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x mountain lion v10.8.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x mavericks v10.9.2)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x lion v10.7.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x mountain lion v10.8.5)"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(ipod touch first  5 after generation )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x lion server v10.7.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x lion server v10.7.5)"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(iphone 4 or later )"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1.3"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x lion v10.7.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x mavericks v10.9.2)"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "12.0.1"
      },
      {
        "model": "esignal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "esignal",
        "version": "6.0.2"
      },
      {
        "model": "webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "os mavericks",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.2.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1.8"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.72"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0.2.20"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.0.163"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6.1.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5.1.42"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4.1.10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4.0.80"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2.12"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1.1.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5-"
      },
      {
        "model": "iphone 4s",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "ipad2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "40"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "30"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.3"
      },
      {
        "model": "itunes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "12.0.1"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "tv",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "66578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:apple:apple_tv",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:itunes",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:safari",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Google Chrome Security Team",
    "sources": [
      {
        "db": "BID",
        "id": "66578"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-1312",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2014-1312",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-69251",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-1312",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-1312",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201404-050",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-69251",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the  context of the affected application. Failed exploit attempts will likely  result in denial-of-service conditions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. \nCVE-ID\nCVE-2014-1297 : Ian Beer of Google Project Zero\n\nFor OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3\nand Safari 6.1.3 may be obtained from Mac App Store. \n\nFor OS X Lion systems Safari 6.1.3 is available via the Apple\nSoftware Update application. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-04-22-2 iOS 7.1.1\n\niOS 7.1.1 is now available and addresses the following:\n\nCFNetwork HTTPProtocol\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker in a privileged network position can obtain web\nsite credentials\nDescription:  Set-Cookie HTTP headers would be processed even if the\nconnection closed before the header line was complete. An attacker\ncould strip security settings from the cookie by forcing the\nconnection to close before the security settings were sent, and then\nobtain the value of the unprotected cookie. This issue was addressed\nby ignoring incomplete HTTP header lines. \nCVE-ID\nCVE-2014-1296 : Antoine Delignat-Lavaud of Prosecco at Inria Paris\n\nIOKit Kernel\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user can read kernel pointers, which can be used to\nbypass kernel address space layout randomization\nDescription:  A set of kernel pointers stored in an IOKit object\ncould be retrieved from userland. This issue was addressed through\nremoving the pointers from the object. \nCVE-ID\nCVE-2014-1320 : Ian Beer of Google Project Zero working with HP\u0027s\nZero Day Initiative\n\nSecurity - Secure Transport\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker with a privileged network position may capture\ndata or change the operations performed in sessions protected by SSL\nDescription:  In a \u0027triple handshake\u0027 attack, it was possible for an\nattacker to establish two connections which had the same encryption\nkeys and handshake, insert the attacker\u0027s data in one connection, and\nrenegotiate so that the connections may be forwarded to each other. \nTo prevent attacks based on this scenario, Secure Transport was\nchanged so that, by default, a renegotiation must present the same\nserver certificate as was presented in the original connection. \nCVE-ID\nCVE-2014-1295 : Antoine Delignat-Lavaud, Karthikeyan Bhargavan and\nAlfredo Pironti of Prosecco at Inria Paris\n\nWebKit\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2013-2871 : miaubiz\nCVE-2014-1298 : Google Chrome Security Team\nCVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of\nUniversity of Szeged / Samsung Electronics\nCVE-2014-1300 : Ian Beer of Google Project Zero working with HP\u0027s\nZero Day Initiative\nCVE-2014-1302 : Google Chrome Security Team, Apple\nCVE-2014-1303 : KeenTeam working with HP\u0027s Zero Day Initiative\nCVE-2014-1304 : Apple\nCVE-2014-1305 : Apple\nCVE-2014-1307 : Google Chrome Security Team\nCVE-2014-1308 : Google Chrome Security Team\nCVE-2014-1309 : cloudfuzzer\nCVE-2014-1310 : Google Chrome Security Team\nCVE-2014-1311 : Google Chrome Security Team\nCVE-2014-1312 : Google Chrome Security Team\nCVE-2014-1313 : Google Chrome Security Team\nCVE-2014-1713 : VUPEN working with HP\u0027s Zero Day Initiative\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"7.1.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJTVet5AAoJEPefwLHPlZEwx3YP/iL/NwYn7T1q1ezvAVHQ6T3F\n9X+ylJYZ+Ago+ij0wdzlDNJfVLPPbWde3biss6p10zDtLHHJK1jOQJLcZOBHtABG\n7+OjIxFw5ZZCmWfOkF/GkfL/kBZllN0GuDCb7v4DVUf6GQPtWBsszQ9pre9Peotx\nTZOHxpPd2TBdz1GkLoFSd4I2yXIT5uIkRfvv9vgDXeNihDMlrJdq8ZBSlfKt+eXT\nkQ3+hGW2knT7np3BdWPQgqo9+YIfcAXN4Rnj0rPXVzzeKwpUrVjLwJgivecwhB7w\nmF+AWfH5oajw+ANzMeFm/DirlAADcM5LgdxtHnXH2Xh1NV5tOCSnaYWyFK4Nadex\nrVEWTOW4VxSb881dOikwY182kBlpaMjVgpvb04GA5zMAW+MtS7o4hj/H6ywGe7zm\nt7ZdyAo7i3QRFwBGEcJw1KjyTWnP1ILuBC9dekek+3DmxRAeQuBsrbPz2cxXPf9V\njlvnxwiRzc/VqgAIyhCtgj0S3sEAMxnVXYSrbZpTpi1ZifiTriyyX291mS8xZBcF\nLZaNUzusQnEkyE+iGODKi+OPvgUnACIK8gWjMIDbwX99Fmd3LXU1fTpvdlkeuDBS\nLKBvZQs0JyYqOxkhU7PsRI6WN1F2nQHuMnb0mlFruejTrRbgyHxvMK6lpVP0nMoK\nAv6eIuVxA8q9Lm6TCh+h\n=ilSw\n-----END PGP SIGNATURE-----\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-1312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "db": "BID",
        "id": "66578"
      },
      {
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "db": "PACKETSTORM",
        "id": "126271"
      },
      {
        "db": "PACKETSTORM",
        "id": "125981"
      },
      {
        "db": "PACKETSTORM",
        "id": "126270"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-1312",
        "trust": 3.1
      },
      {
        "db": "JVN",
        "id": "JVNVU94409290",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU95860341",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU97537282",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "57688",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2014-04-01-1",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "66578",
        "trust": 0.4
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-62069",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-69251",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "126271",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "125981",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "126270",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "db": "BID",
        "id": "66578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "db": "PACKETSTORM",
        "id": "126271"
      },
      {
        "db": "PACKETSTORM",
        "id": "125981"
      },
      {
        "db": "PACKETSTORM",
        "id": "126270"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "id": "VAR-201404-0205",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69251"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T19:42:36.824000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT6208",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6208"
      },
      {
        "title": "HT6209",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6209"
      },
      {
        "title": "HT6537",
        "trust": 0.8,
        "url": "http://support.apple.com/en-eu/HT6537"
      },
      {
        "title": "HT6181",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6181"
      },
      {
        "title": "HT6181",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6181?viewlocale=ja_JP"
      },
      {
        "title": "HT6208",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6208?viewlocale=ja_JP"
      },
      {
        "title": "HT6209",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT6209?viewlocale=ja_JP"
      },
      {
        "title": "HT6537",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/HT6537"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
      },
      {
        "trust": 1.9,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
      },
      {
        "trust": 1.9,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
      },
      {
        "trust": 1.1,
        "url": "https://support.apple.com/kb/ht6537"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1312"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94409290/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu95860341/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu97537282/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1312"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57688"
      },
      {
        "trust": 0.3,
        "url": "http://support.apple.com/kb/ht6181"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/bugtraq/2014/apr/135"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/bugtraq/2014/apr/134"
      },
      {
        "trust": 0.3,
        "url": "http://www.webkit.org/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1304"
      },
      {
        "trust": 0.3,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1312"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1309"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1308"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1300"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1311"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1313"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1298"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1713"
      },
      {
        "trust": 0.3,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1305"
      },
      {
        "trust": 0.3,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1303"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1299"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1310"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1302"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2871"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1307"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1296"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1320"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1295"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1291"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1292"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1297"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2928"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2926"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1293"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1290"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1294"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1289"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1301"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6625"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/itunes/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "db": "BID",
        "id": "66578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "db": "PACKETSTORM",
        "id": "126271"
      },
      {
        "db": "PACKETSTORM",
        "id": "125981"
      },
      {
        "db": "PACKETSTORM",
        "id": "126270"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "db": "BID",
        "id": "66578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "db": "PACKETSTORM",
        "id": "126271"
      },
      {
        "db": "PACKETSTORM",
        "id": "125981"
      },
      {
        "db": "PACKETSTORM",
        "id": "126270"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-04-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "date": "2014-04-02T00:00:00",
        "db": "BID",
        "id": "66578"
      },
      {
        "date": "2014-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "date": "2014-04-23T00:10:03",
        "db": "PACKETSTORM",
        "id": "126271"
      },
      {
        "date": "2014-04-02T11:02:22",
        "db": "PACKETSTORM",
        "id": "125981"
      },
      {
        "date": "2014-04-23T00:06:50",
        "db": "PACKETSTORM",
        "id": "126270"
      },
      {
        "date": "2014-04-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      },
      {
        "date": "2014-04-02T16:17:07.167000",
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-12-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-69251"
      },
      {
        "date": "2015-03-19T08:33:00",
        "db": "BID",
        "id": "66578"
      },
      {
        "date": "2014-11-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      },
      {
        "date": "2014-04-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      },
      {
        "date": "2024-11-21T02:04:02.850000",
        "db": "NVD",
        "id": "CVE-2014-1312"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Safari Used in etc.  WebKit Vulnerable to arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001882"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201404-050"
      }
    ],
    "trust": 0.6
  }
}

gsd-2014-1312

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2014-1312

Aliases

CVE-2014-1312

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-1312",
    "description": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.",
    "id": "GSD-2014-1312",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-1312.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-1312"
      ],
      "details": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.",
      "id": "GSD-2014-1312",
      "modified": "2023-12-13T01:22:51.267135Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2014-1312",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "APPLE-SA-2014-04-22-2",
            "refsource": "APPLE",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
          },
          {
            "name": "https://support.apple.com/kb/HT6537",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "name": "APPLE-SA-2014-04-22-3",
            "refsource": "APPLE",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
          },
          {
            "name": "APPLE-SA-2014-04-01-1",
            "refsource": "APPLE",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.1.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2014-1312"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2014-04-01-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
            },
            {
              "name": "APPLE-SA-2014-04-22-2",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
            },
            {
              "name": "APPLE-SA-2014-04-22-3",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/kb/HT6537"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2016-12-08T03:04Z",
      "publishedDate": "2014-04-02T16:17Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2014-1312 (GCVE-0-2014-1312)

Vulnerability from cvelistv5

ghsa-w68c-rhw3-7qjv

Vulnerability from github

CERTFR-2014-AVI-201

Vulnerability from certfr_avis

Solution

CERTFR-2014-AVI-155

Vulnerability from certfr_avis

Solution

fkie_cve-2014-1312

Vulnerability from fkie_nvd

var-201404-0205

Vulnerability from variot

gsd-2014-1312

Vulnerability from gsd

Tags

Sightings

Nomenclature