{
"id": "CVE-2014-4468",
"sourceIdentifier": "product-security@apple.com",
"published": "2014-12-10T21:59:05.210",
"lastModified": "2019-03-08T16:06:31.747",
"vulnStatus": "Modified",
"evaluatorComment": "Per an Apple Security Advisory Apple TV before 7.0.3 was also vulnerable.\nPer an Apple Security Advisory Apple iOS before 8.1.3 was also vulnerable.\n\nThese product additions are reflected in the vulnerable configuration.",
"descriptions": [
{
"lang": "en",
"value": "WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1."
},
{
"lang": "es",
"value": "WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit listados en APPLE-SA-2014-12-2-1."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.2",
"matchCriteriaId": "31944D25-25B6-4EA4-92B0-6B03921E0CCE"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.0.1",
"matchCriteriaId": "1C32F3FB-EBDF-4A80-B7D9-42EDEF5DC6F4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.1",
"matchCriteriaId": "49ED968C-DBBD-451F-8B03-E7314A8EE7A2"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.2.0",
"matchCriteriaId": "38C89287-A21B-4DB4-BC79-8B63CF7E9670"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "391B4255-4434-4EB3-929B-3E593D9CD249"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "40B87D10-55B3-42E7-8FF6-93EDF003337D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49457917-495E-4D17-A0AB-D2A163D4721D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "845A67F0-7BE6-482C-AE49-D8E9B272BA6C"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html",
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/HT204245",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/HT204246",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT6596",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/71459",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT204949",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}