admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 09:41:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2014/CVE-2014-44xx/CVE-2014-4465.json

161 lines
4.8 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2014-4465",
"sourceIdentifier": "product-security@apple.com",
"published": "2014-12-10T21:59:03.257",
"lastModified": "2019-03-08T16:06:31.747",
"vulnStatus": "Analyzed",
"evaluatorComment": "Per an <a href=\"http://support.apple.com/en-us/HT204246\">Apple Security Advisory</a> Apple TV before 7.0.3 was also vulnerable.\nPer an <a href=\"http://support.apple.com/en-us/HT204245\">Apple Security Advisory</a> Apple iOS before 8.1.3 was also vulnerable.\n\nThese product additions are reflected in the vulnerable configuration.",
"descriptions": [
{
"lang": "en",
"value": "WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element."
},
{
"lang": "es",
"value": "WebKit en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1 permite a atacantes remotos evadir Same Origin Policy a trav\u00e9s de secuencias del token CSS (Cascading Style Sheets) dentro de un fichero SVG en el atributo SRC de un elemento IMG."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.0.1",
"matchCriteriaId": "1C32F3FB-EBDF-4A80-B7D9-42EDEF5DC6F4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.2",
"matchCriteriaId": "31944D25-25B6-4EA4-92B0-6B03921E0CCE"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.2.0",
"matchCriteriaId": "38C89287-A21B-4DB4-BC79-8B63CF7E9670"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "845A67F0-7BE6-482C-AE49-D8E9B272BA6C"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/HT204245",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/HT204246",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT6596",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink