var-201403-0267
Vulnerability from variot
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. Apple iOS and Apple TV Used in etc. WebKit is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. CVE-ID CVE-2014-1297 : Ian Beer of Google Project Zero
For OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3 and Safari 6.1.3 may be obtained from Mac App Store.
For OS X Lion systems Safari 6.1.3 is available via the Apple Software Update application. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2014-03-10-2 Apple TV 6.1
Apple TV 6.1 is now available and addresses the following:
Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with access to an Apple TV may access sensitive user information from logs Description: Sensitive user information was logged. This issue was addressed by logging less information. CVE-ID CVE-2014-1279 : David Schuetz working at Intrepidus Group
Apple TV Available for: Apple TV 2nd generation and later Impact: Profile expiration dates were not honored Description: Expiration dates of mobile configuration profiles were not evaluated correctly. The issue was resolved through improved handling of configuration profiles. CVE-ID CVE-2014-1267
Apple TV Available for: Apple TV 2nd generation and later Impact: A malicious application can cause an unexpected system termination Description: A reachable assertion issue existed in CoreCapture's handling of IOKit API calls. The issue was addressed through additional validation of input from IOKit. CVE-ID CVE-2014-1271 : Filippo Bigarella
Apple TV Available for: Apple TV 2nd generation and later Impact: A local user may be able to change permissions on arbitrary files Description: CrashHouseKeeping followed symbolic links while changing permissions on files. This issue was addressed by not following symbolic links when changing permissions on files. CVE-ID CVE-2014-1272 : evad3rs
Apple TV Available for: Apple TV 2nd generation and later Impact: Code signing requirements may be bypassed Description: Text relocation instructions in dynamic libraries may be loaded by dyld without code signature validation. This issue was addressed by ignoring text relocation instructions. CVE-ID CVE-2014-1273 : evad3rs
Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 images in PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1275 : Felix Groebert of the Google Security Team
Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of TIFF images. This issue was addressed through additional validation of TIFF images. CVE-ID CVE-2012-2088
Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted JPEG file may lead to the disclosure of memory contents Description: An uninitialized memory access issue existed in libjpeg's handling of JPEG markers, resulting in the disclosure of memory contents. This issue was addressed through additional validation of JPEG files. CVE-ID CVE-2013-6629 : Michal Zalewski
Apple TV Available for: Apple TV 2nd generation and later Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: An out of bounds memory access issue existed in the ARM ptmx_get_ioctl function. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1278 : evad3rs
Apple TV Available for: Apple TV 2nd generation and later Impact: A configuration profile may be hidden from the user Description: A configuration profile with a long name could be loaded onto the device but was not displayed in the profile UI. The issue was addressed through improved handling of profile names. CVE-ID CVE-2014-1282 : Assaf Hefetz, Yair Amit and Adi Sharabani of Skycure
Apple TV Available for: Apple TV 2nd generation and later Impact: A person with physical access to the device may be able to cause arbitrary code execution in kernel mode Description: A memory corruption issue existed in the handling of USB messages. This issue was addressed through additional validation of USB messages. These issues were addressed through improved memory handling. CVE-ID CVE-2013-2909 : Atte Kettunen of OUSPG CVE-2013-2926 : cloudfuzzer CVE-2013-2928 : Google Chrome Security Team CVE-2013-5196 : Google Chrome Security Team CVE-2013-5197 : Google Chrome Security Team CVE-2013-5198 : Apple CVE-2013-5199 : Apple CVE-2013-5225 : Google Chrome Security Team CVE-2013-5228 : Keen Team (@K33nTeam) working with HP's Zero Day Initiative CVE-2013-6625 : cloudfuzzer CVE-2013-6635 : cloudfuzzer CVE-2014-1269 : Apple CVE-2014-1270 : Apple CVE-2014-1289 : Apple CVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day Initiative, Google Chrome Security Team CVE-2014-1291 : Google Chrome Security Team CVE-2014-1292 : Google Chrome Security Team CVE-2014-1293 : Google Chrome Security Team CVE-2014-1294 : Google Chrome Security Team
Apple TV Available for: Apple TV 2nd generation and later Impact: Playing a maliciously crafted video could lead to the device becoming unresponsive Description: A null dereference issue existed in the handling of MPEG-4 encoded files. This issue was addressed through improved memory handling. CVE-ID CVE-2014-1280 : rg0rd
Installation note:
Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> General -> Update Software".
To check the current version of software, select "Settings -> General -> About".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJTGlvfAAoJEPefwLHPlZEw8GEP/ikatTiohUPRvpjubarcXePV z6ixKxmqUUvSy+AlyFTsCpvB1IEipSx5hKbYsxk5+4qAVsYG3VEpLNJKBarUHQN8 K1+I77xF5osLxrypWV6vEDqqFDcZyflumtvfdj7EmWf/FcWnOooRQt7wVVrzrCCh 40nfspy1YjNi1EO2p6dDlzi+yvEGF5CHg8R1zSFf7ozLPoCABlnbdzXxh+nYoI+E y65R4Eo7OBhVH5mJvBczjsHu/GljR3y/yi3NSnoV5ga5SfaaOlwa8emgNooeEs3u ghkfm2UxkjtdNkpVMfwFp35oLESIl6pMd2dtH2sU4MwRK3h8rvFeS/zJRZmwEIXO 5+9tNop1hmF52aVKRZAJ4/A9kbTC3pKd0PxvKsveB6Pgxbq9eDfueMC/r6FtOZDa is95LuLtf26h8xQt8FovY7Cm80ckOT4mJnvzfmpGmUSK4PHsNfJwfJOBa1yMHTJg CDfg+jGhHy7DJuawekzQjcvkz34YWg7Lp25ZJilvZf8dGB2R4g+hikdOrWKI4vFj x7LGZg6IPaHFt0MPgjnoV1FhABnXksD41uIAQP2LhDrHWnRgTeJoGwQ2SuZjSA6w T/DzhicTLq6MDSBjlbt6EJ4gtxWlYDfeAfJcFb/Aret+2L7570q18EkLRbiI8e6k 3NksAqBIKSpadFt+M8wt =xjrI -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0267",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "tvos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0"
},
{
"model": "tvos",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(windows)"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "6.1"
},
{
"model": "tv",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(apple tv first 2 after generation )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "7.1"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(ipad 2 or later )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x mountain lion v10.8.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x mavericks v10.9.2)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x lion v10.7.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x mountain lion v10.8.5)"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(ipod touch first 5 after generation )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x lion server v10.7.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x lion server v10.7.5)"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(iphone 4 or later )"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x lion v10.7.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x mavericks v10.9.2)"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "12.0.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.5"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.3"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2"
},
{
"model": "open source project webkit r82222",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r77705",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52833",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52401",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r51295",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r38566",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r105591",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "2"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2-1"
},
{
"model": "esignal",
"scope": "eq",
"trust": 0.3,
"vendor": "esignal",
"version": "6.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.7"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.72"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2.20"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
}
],
"sources": [
{
"db": "BID",
"id": "66088"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-269"
},
{
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple, ant4g0nist (SegFault) working with HP\u0027s Zero Day Initiative, and Google Chrome Security Team.",
"sources": [
{
"db": "BID",
"id": "66088"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1289",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-1289",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2014-1289",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-69228",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-1289",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-1289",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-269",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-69228",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69228"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-269"
},
{
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. Apple iOS and Apple TV Used in etc. WebKit is prone to multiple memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nCVE-ID\nCVE-2014-1297 : Ian Beer of Google Project Zero\n\nFor OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3\nand Safari 6.1.3 may be obtained from Mac App Store. \n\nFor OS X Lion systems Safari 6.1.3 is available via the Apple\nSoftware Update application. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-03-10-2 Apple TV 6.1\n\nApple TV 6.1 is now available and addresses the following:\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: An attacker with access to an Apple TV may access sensitive\nuser information from logs\nDescription: Sensitive user information was logged. This issue was\naddressed by logging less information. \nCVE-ID\nCVE-2014-1279 : David Schuetz working at Intrepidus Group\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: Profile expiration dates were not honored\nDescription: Expiration dates of mobile configuration profiles were\nnot evaluated correctly. The issue was resolved through improved\nhandling of configuration profiles. \nCVE-ID\nCVE-2014-1267\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: A malicious application can cause an unexpected system\ntermination\nDescription: A reachable assertion issue existed in CoreCapture\u0027s\nhandling of IOKit API calls. The issue was addressed through\nadditional validation of input from IOKit. \nCVE-ID\nCVE-2014-1271 : Filippo Bigarella\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: A local user may be able to change permissions on arbitrary\nfiles\nDescription: CrashHouseKeeping followed symbolic links while\nchanging permissions on files. This issue was addressed by not\nfollowing symbolic links when changing permissions on files. \nCVE-ID\nCVE-2014-1272 : evad3rs\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: Code signing requirements may be bypassed\nDescription: Text relocation instructions in dynamic libraries may\nbe loaded by dyld without code signature validation. This issue was\naddressed by ignoring text relocation instructions. \nCVE-ID\nCVE-2014-1273 : evad3rs\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JPEG2000\nimages in PDF files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-1275 : Felix Groebert of the Google Security Team\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in libtiff\u0027s handling of TIFF\nimages. This issue was addressed through additional validation of\nTIFF images. \nCVE-ID\nCVE-2012-2088\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: Viewing a maliciously crafted JPEG file may lead to the\ndisclosure of memory contents\nDescription: An uninitialized memory access issue existed in\nlibjpeg\u0027s handling of JPEG markers, resulting in the disclosure of\nmemory contents. This issue was addressed through additional\nvalidation of JPEG files. \nCVE-ID\nCVE-2013-6629 : Michal Zalewski\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: A local user may be able to cause an unexpected system\ntermination or arbitrary code execution in the kernel\nDescription: An out of bounds memory access issue existed in the ARM\nptmx_get_ioctl function. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-1278 : evad3rs\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: A configuration profile may be hidden from the user\nDescription: A configuration profile with a long name could be\nloaded onto the device but was not displayed in the profile UI. The\nissue was addressed through improved handling of profile names. \nCVE-ID\nCVE-2014-1282 : Assaf Hefetz, Yair Amit and Adi Sharabani of Skycure\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: A person with physical access to the device may be able to\ncause arbitrary code execution in kernel mode\nDescription: A memory corruption issue existed in the handling of\nUSB messages. This issue was addressed through additional validation\nof USB messages. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2013-2909 : Atte Kettunen of OUSPG\nCVE-2013-2926 : cloudfuzzer\nCVE-2013-2928 : Google Chrome Security Team\nCVE-2013-5196 : Google Chrome Security Team\nCVE-2013-5197 : Google Chrome Security Team\nCVE-2013-5198 : Apple\nCVE-2013-5199 : Apple\nCVE-2013-5225 : Google Chrome Security Team\nCVE-2013-5228 : Keen Team (@K33nTeam) working with HP\u0027s Zero Day\nInitiative\nCVE-2013-6625 : cloudfuzzer\nCVE-2013-6635 : cloudfuzzer\nCVE-2014-1269 : Apple\nCVE-2014-1270 : Apple\nCVE-2014-1289 : Apple\nCVE-2014-1290 : ant4g0nist (SegFault) working with HP\u0027s Zero Day\nInitiative, Google Chrome Security Team\nCVE-2014-1291 : Google Chrome Security Team\nCVE-2014-1292 : Google Chrome Security Team\nCVE-2014-1293 : Google Chrome Security Team\nCVE-2014-1294 : Google Chrome Security Team\n\nApple TV\nAvailable for: Apple TV 2nd generation and later\nImpact: Playing a maliciously crafted video could lead to the device\nbecoming unresponsive\nDescription: A null dereference issue existed in the handling of\nMPEG-4 encoded files. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2014-1280 : rg0rd\n\n\nInstallation note:\n\nApple TV will periodically check for software updates. Alternatively,\nyou may manually check for software updates by selecting\n\"Settings -\u003e General -\u003e Update Software\". \n\nTo check the current version of software, select\n\"Settings -\u003e General -\u003e About\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJTGlvfAAoJEPefwLHPlZEw8GEP/ikatTiohUPRvpjubarcXePV\nz6ixKxmqUUvSy+AlyFTsCpvB1IEipSx5hKbYsxk5+4qAVsYG3VEpLNJKBarUHQN8\nK1+I77xF5osLxrypWV6vEDqqFDcZyflumtvfdj7EmWf/FcWnOooRQt7wVVrzrCCh\n40nfspy1YjNi1EO2p6dDlzi+yvEGF5CHg8R1zSFf7ozLPoCABlnbdzXxh+nYoI+E\ny65R4Eo7OBhVH5mJvBczjsHu/GljR3y/yi3NSnoV5ga5SfaaOlwa8emgNooeEs3u\nghkfm2UxkjtdNkpVMfwFp35oLESIl6pMd2dtH2sU4MwRK3h8rvFeS/zJRZmwEIXO\n5+9tNop1hmF52aVKRZAJ4/A9kbTC3pKd0PxvKsveB6Pgxbq9eDfueMC/r6FtOZDa\nis95LuLtf26h8xQt8FovY7Cm80ckOT4mJnvzfmpGmUSK4PHsNfJwfJOBa1yMHTJg\nCDfg+jGhHy7DJuawekzQjcvkz34YWg7Lp25ZJilvZf8dGB2R4g+hikdOrWKI4vFj\nx7LGZg6IPaHFt0MPgjnoV1FhABnXksD41uIAQP2LhDrHWnRgTeJoGwQ2SuZjSA6w\nT/DzhicTLq6MDSBjlbt6EJ4gtxWlYDfeAfJcFb/Aret+2L7570q18EkLRbiI8e6k\n3NksAqBIKSpadFt+M8wt\n=xjrI\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1289"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"db": "BID",
"id": "66088"
},
{
"db": "VULHUB",
"id": "VHN-69228"
},
{
"db": "PACKETSTORM",
"id": "125981"
},
{
"db": "PACKETSTORM",
"id": "125646"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1289",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU94409290",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94229445",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90170014",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU97537282",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201403-269",
"trust": 0.7
},
{
"db": "BID",
"id": "66088",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-69228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125981",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125646",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69228"
},
{
"db": "BID",
"id": "66088"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"db": "PACKETSTORM",
"id": "128734"
},
{
"db": "PACKETSTORM",
"id": "125981"
},
{
"db": "PACKETSTORM",
"id": "125646"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-269"
},
{
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"id": "VAR-201403-0267",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-69228"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:29:55.284000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT6163",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6163"
},
{
"title": "HT6181",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6181"
},
{
"title": "HT6537",
"trust": 0.8,
"url": "http://support.apple.com/en-eu/HT6537"
},
{
"title": "HT6162",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6162"
},
{
"title": "HT6162",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6162?viewlocale=ja_JP"
},
{
"title": "HT6163",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6163?viewlocale=ja_JP"
},
{
"title": "HT6181",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6181?viewlocale=ja_JP"
},
{
"title": "HT6537",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT6537"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69228"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht6162"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht6163"
},
{
"trust": 1.7,
"url": "https://support.apple.com/kb/ht6537"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1289"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94229445/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90170014/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94409290/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97537282/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1289"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/appletv/features.html"
},
{
"trust": 0.3,
"url": "http://www.webkit.org/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1291"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2928"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2926"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1290"
},
{
"trust": 0.3,
"url": "http://gpgtools.org"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1289"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6625"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1292"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1269"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1270"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5228"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5196"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1300"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1298"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1293"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6635"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1294"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1299"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2909"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5225"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5197"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2871"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1268"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2927"
},
{
"trust": 0.1,
"url": "http://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2875"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1304"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1312"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1309"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1311"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1313"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1713"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1301"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1303"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1310"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1302"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1307"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1267"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1278"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1279"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1282"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1272"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69228"
},
{
"db": "BID",
"id": "66088"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"db": "PACKETSTORM",
"id": "128734"
},
{
"db": "PACKETSTORM",
"id": "125981"
},
{
"db": "PACKETSTORM",
"id": "125646"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-269"
},
{
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-69228"
},
{
"db": "BID",
"id": "66088"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"db": "PACKETSTORM",
"id": "128734"
},
{
"db": "PACKETSTORM",
"id": "125981"
},
{
"db": "PACKETSTORM",
"id": "125646"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-269"
},
{
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-14T00:00:00",
"db": "VULHUB",
"id": "VHN-69228"
},
{
"date": "2014-03-10T00:00:00",
"db": "BID",
"id": "66088"
},
{
"date": "2014-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"date": "2014-10-17T15:14:05",
"db": "PACKETSTORM",
"id": "128734"
},
{
"date": "2014-04-02T11:02:22",
"db": "PACKETSTORM",
"id": "125981"
},
{
"date": "2014-03-11T02:19:09",
"db": "PACKETSTORM",
"id": "125646"
},
{
"date": "2014-03-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-269"
},
{
"date": "2014-03-14T10:55:06.240000",
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-69228"
},
{
"date": "2015-02-04T00:05:00",
"db": "BID",
"id": "66088"
},
{
"date": "2014-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001674"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-269"
},
{
"date": "2024-11-21T02:03:59.940000",
"db": "NVD",
"id": "CVE-2014-1289"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-269"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple iOS and Apple TV Used in etc. WebKit Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001674"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-269"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…