var-201404-0220
Vulnerability from variot
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3
Safari 6.1.3 and Safari 7.0.3 are now available and address the following:
WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2013-2871 : miaubiz CVE-2013-2926 : cloudfuzzer CVE-2013-2928 : Google Chrome Security Team CVE-2013-6625 : cloudfuzzer CVE-2014-1289 : Apple CVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day Initiative, Google Chrome Security Team CVE-2014-1291 : Google Chrome Security Team CVE-2014-1292 : Google Chrome Security Team CVE-2014-1293 : Google Chrome Security Team CVE-2014-1294 : Google Chrome Security Team CVE-2014-1298 : Google Chrome Security Team CVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of University of Szeged / Samsung Electronics CVE-2014-1300 : Ian Beer of Google Project Zero working with HP's Zero Day Initiative CVE-2014-1301 : Google Chrome Security Team CVE-2014-1302 : Google Chrome Security Team, Apple CVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative CVE-2014-1304 : Apple CVE-2014-1305 : Apple CVE-2014-1307 : Google Chrome Security Team CVE-2014-1308 : Google Chrome Security Team CVE-2014-1309 : cloudfuzzer CVE-2014-1310 : Google Chrome Security Team CVE-2014-1311 : Google Chrome Security Team CVE-2014-1312 : Google Chrome Security Team CVE-2014-1313 : Google Chrome Security Team CVE-2014-1713 : VUPEN working with HP's Zero Day Initiative
WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2 Impact: An attacker running arbitary code in the WebProcess may be able to read arbitrary files despite sandbox restrictions Description: A logic issue existed in the handling of IPC messages from the WebProcess. This issue was addressed through additional validation of IPC messages. CVE-ID CVE-2014-1297 : Ian Beer of Google Project Zero
For OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3 and Safari 6.1.3 may be obtained from Mac App Store.
For OS X Lion systems Safari 6.1.3 is available via the Apple Software Update application.
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJTOwlLAAoJEPefwLHPlZEwmPYP/AoGVbrVVEQfbWZ/OMER6jCR bDN4ykWdExJFRKr972tsirke9mLrDX1Flqg3jYpqrna6lWsZxk1wA/IXy4TRG97O mpA75r7853lCJ482h5XImTdv6wWqMfTTNR1YzsK+TCLZA3sDlByQ4yshwGWhOf1Q nY+hPpaC05PEmPeNKMWw6PA9IgA9e84uy0b/3+c2acOUZ9aAYEXmydPySY+5uYLa ecXjvee83LVTu8Pq2/C9yCJ1kI1EMix6Q3CTb2Cv/Dtgu1q7rZMG7qKieFpMKO2J xM7RYm1qPNlZ4hf+ZPX+D4+k6g2sZMqYdocdG1qXubk8m314CinHajdsZH9jXDHO 01gnYeMRp2IUBJlClQ7mPyIveJqJV9XpzvMTciuTVEuhzWhMaazzly8dp+8NCu4Q QShPJKqAq16ACJqqOarwo8xaSumZ3UcKhVrD0Gxo1/dhzO1Hy52yo7WrWLaOVH89 bXPeVMfYIF0V9xysbixNmBIEro0mYDuor/XlXBFicZAjmyGEVE04K4UjenMeDoYO /1A2zaVyM9MD50y+X/rFErtz2cj7uNcZ1XSNqPdGameoti5WvvoRbKs/D/H7E8bX p8JDoVJoy46fOBfwNv6eaQYTGYzgtdoEtmTKL3zDauQC1bxI1Jwtma07S97D2SyJ urMcI/V2h8JnGD4sS/7L =kHuK -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0220",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "6.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "itunes",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(windows)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x mountain lion v10.8.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x mavericks v10.9.2)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x lion v10.7.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x lion server v10.7.5)"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x mountain lion v10.8.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x lion server v10.7.5)"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(os x lion v10.7.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.x (os x mavericks v10.9.2)"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "12.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "12.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.1.2"
},
{
"model": "esignal",
"scope": "eq",
"trust": 0.3,
"vendor": "esignal",
"version": "6.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.7"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.72"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2.20"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
}
],
"sources": [
{
"db": "BID",
"id": "66584"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
},
{
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google Chrome Security Team",
"sources": [
{
"db": "BID",
"id": "66584"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1301",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-1301",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-69240",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-1301",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-1301",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-041",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-69240",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69240"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
},
{
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3\n\nSafari 6.1.3 and Safari 7.0.3 are now available and address the\nfollowing:\n\nWebKit\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2013-2871 : miaubiz\nCVE-2013-2926 : cloudfuzzer\nCVE-2013-2928 : Google Chrome Security Team\nCVE-2013-6625 : cloudfuzzer\nCVE-2014-1289 : Apple\nCVE-2014-1290 : ant4g0nist (SegFault) working with HP\u0027s Zero Day\nInitiative, Google Chrome Security Team\nCVE-2014-1291 : Google Chrome Security Team\nCVE-2014-1292 : Google Chrome Security Team\nCVE-2014-1293 : Google Chrome Security Team\nCVE-2014-1294 : Google Chrome Security Team\nCVE-2014-1298 : Google Chrome Security Team\nCVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of\nUniversity of Szeged / Samsung Electronics\nCVE-2014-1300 : Ian Beer of Google Project Zero working with HP\u0027s\nZero Day Initiative\nCVE-2014-1301 : Google Chrome Security Team\nCVE-2014-1302 : Google Chrome Security Team, Apple\nCVE-2014-1303 : KeenTeam working with HP\u0027s Zero Day Initiative\nCVE-2014-1304 : Apple\nCVE-2014-1305 : Apple\nCVE-2014-1307 : Google Chrome Security Team\nCVE-2014-1308 : Google Chrome Security Team\nCVE-2014-1309 : cloudfuzzer\nCVE-2014-1310 : Google Chrome Security Team\nCVE-2014-1311 : Google Chrome Security Team\nCVE-2014-1312 : Google Chrome Security Team\nCVE-2014-1313 : Google Chrome Security Team\nCVE-2014-1713 : VUPEN working with HP\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2\nImpact: An attacker running arbitary code in the WebProcess may be\nable to read arbitrary files despite sandbox restrictions\nDescription: A logic issue existed in the handling of IPC messages\nfrom the WebProcess. This issue was addressed through additional\nvalidation of IPC messages. \nCVE-ID\nCVE-2014-1297 : Ian Beer of Google Project Zero\n\nFor OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3\nand Safari 6.1.3 may be obtained from Mac App Store. \n\nFor OS X Lion systems Safari 6.1.3 is available via the Apple\nSoftware Update application. \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJTOwlLAAoJEPefwLHPlZEwmPYP/AoGVbrVVEQfbWZ/OMER6jCR\nbDN4ykWdExJFRKr972tsirke9mLrDX1Flqg3jYpqrna6lWsZxk1wA/IXy4TRG97O\nmpA75r7853lCJ482h5XImTdv6wWqMfTTNR1YzsK+TCLZA3sDlByQ4yshwGWhOf1Q\nnY+hPpaC05PEmPeNKMWw6PA9IgA9e84uy0b/3+c2acOUZ9aAYEXmydPySY+5uYLa\necXjvee83LVTu8Pq2/C9yCJ1kI1EMix6Q3CTb2Cv/Dtgu1q7rZMG7qKieFpMKO2J\nxM7RYm1qPNlZ4hf+ZPX+D4+k6g2sZMqYdocdG1qXubk8m314CinHajdsZH9jXDHO\n01gnYeMRp2IUBJlClQ7mPyIveJqJV9XpzvMTciuTVEuhzWhMaazzly8dp+8NCu4Q\nQShPJKqAq16ACJqqOarwo8xaSumZ3UcKhVrD0Gxo1/dhzO1Hy52yo7WrWLaOVH89\nbXPeVMfYIF0V9xysbixNmBIEro0mYDuor/XlXBFicZAjmyGEVE04K4UjenMeDoYO\n/1A2zaVyM9MD50y+X/rFErtz2cj7uNcZ1XSNqPdGameoti5WvvoRbKs/D/H7E8bX\np8JDoVJoy46fOBfwNv6eaQYTGYzgtdoEtmTKL3zDauQC1bxI1Jwtma07S97D2SyJ\nurMcI/V2h8JnGD4sS/7L\n=kHuK\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1301"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "BID",
"id": "66584"
},
{
"db": "VULHUB",
"id": "VHN-69240"
},
{
"db": "PACKETSTORM",
"id": "125981"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1301",
"trust": 2.9
},
{
"db": "JVN",
"id": "JVNVU94409290",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU97537282",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "57688",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2014-04-01-1",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201404-041",
"trust": 0.6
},
{
"db": "BID",
"id": "66584",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-69240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125981",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69240"
},
{
"db": "BID",
"id": "66584"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "PACKETSTORM",
"id": "125981"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
},
{
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"id": "VAR-201404-0220",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-69240"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:31:10.814000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT6537",
"trust": 0.8,
"url": "http://support.apple.com/en-eu/HT6537"
},
{
"title": "HT6181",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6181"
},
{
"title": "HT6181",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6181?viewlocale=ja_JP"
},
{
"title": "HT6537",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT6537"
},
{
"title": "iPhone6,2_7.0.3_11B511_Restore",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49087"
},
{
"title": "Safari6.1.3MountainLion",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49086"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69240"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6537"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1301"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94409290/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97537282/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1301"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57688"
},
{
"trust": 0.3,
"url": "http://www.webkit.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1304"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1292"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1312"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1309"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1300"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1311"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1313"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1298"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1713"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1290"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1305"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1294"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1301"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1303"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1299"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1310"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1302"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2871"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1307"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69240"
},
{
"db": "BID",
"id": "66584"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "PACKETSTORM",
"id": "125981"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
},
{
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-69240"
},
{
"db": "BID",
"id": "66584"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"db": "PACKETSTORM",
"id": "125981"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
},
{
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-69240"
},
{
"date": "2014-04-02T00:00:00",
"db": "BID",
"id": "66584"
},
{
"date": "2014-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"date": "2014-04-02T11:02:22",
"db": "PACKETSTORM",
"id": "125981"
},
{
"date": "2014-04-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-041"
},
{
"date": "2014-04-02T16:17:06.947000",
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-22T00:00:00",
"db": "VULHUB",
"id": "VHN-69240"
},
{
"date": "2014-10-17T19:04:00",
"db": "BID",
"id": "66584"
},
{
"date": "2014-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001873"
},
{
"date": "2014-04-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-041"
},
{
"date": "2024-11-21T02:04:01.497000",
"db": "NVD",
"id": "CVE-2014-1301"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Safari Used in etc. WebKit Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001873"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-041"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…