Lucene search

[email protected]CVE-2013-1046

HistorySep 19, 2013 - 10:27 a.m.

CVE-2013-1046

2013-09-1910:27:56

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-1046

webkit

apple ios

remote code execution

denial of service

memory corruption

application crash

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.034 Low

EPSS

Percentile

91.5%

JSON

WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.

Affected configurations

NVD

Node

appleiphone_osRange≤6.1.4

appleiphone_osMatch1.0.0

appleiphone_osMatch1.0.1

appleiphone_osMatch1.0.2

appleiphone_osMatch1.1.0

appleiphone_osMatch1.1.1

appleiphone_osMatch1.1.2

appleiphone_osMatch1.1.3

appleiphone_osMatch1.1.4

appleiphone_osMatch1.1.5

appleiphone_osMatch2.0

appleiphone_osMatch2.0.0

appleiphone_osMatch2.0.1

appleiphone_osMatch2.0.2

appleiphone_osMatch2.1

appleiphone_osMatch2.1.1

appleiphone_osMatch2.2

appleiphone_osMatch2.2.1

appleiphone_osMatch3.0

appleiphone_osMatch3.0.1

appleiphone_osMatch3.1

appleiphone_osMatch3.1.2

appleiphone_osMatch3.1.3

appleiphone_osMatch3.2

appleiphone_osMatch3.2.1

appleiphone_osMatch3.2.2

appleiphone_osMatch4.0

appleiphone_osMatch4.0.1

appleiphone_osMatch4.0.2

appleiphone_osMatch4.1

appleiphone_osMatch4.2.1

appleiphone_osMatch4.2.5

appleiphone_osMatch4.2.8

appleiphone_osMatch4.3.0

appleiphone_osMatch4.3.1

appleiphone_osMatch4.3.2

appleiphone_osMatch4.3.3

appleiphone_osMatch4.3.5

appleiphone_osMatch5.0

appleiphone_osMatch5.0.1

appleiphone_osMatch5.1

appleiphone_osMatch5.1.1

appleiphone_osMatch6.0

appleiphone_osMatch6.0.1

appleiphone_osMatch6.0.2

appleiphone_osMatch6.1

appleiphone_osMatch6.1.2

appleiphone_osMatch6.1.3

CPENameOperatorVersion
apple:iphone_osapple iphone osle6.1.4
apple:iphone_osapple iphone oseq1.0.0
apple:iphone_osapple iphone oseq1.0.1
apple:iphone_osapple iphone oseq1.0.2
apple:iphone_osapple iphone oseq1.1.0
apple:iphone_osapple iphone oseq1.1.1
apple:iphone_osapple iphone oseq1.1.2
apple:iphone_osapple iphone oseq1.1.3
apple:iphone_osapple iphone oseq1.1.4
apple:iphone_osapple iphone oseq1.1.5

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	le	6.1.4
apple:iphone_os	apple iphone os	eq	1.0.0
apple:iphone_os	apple iphone os	eq	1.0.1
apple:iphone_os	apple iphone os	eq	1.0.2
apple:iphone_os	apple iphone os	eq	1.1.0
apple:iphone_os	apple iphone os	eq	1.1.1
apple:iphone_os	apple iphone os	eq	1.1.2
apple:iphone_os	apple iphone os	eq	1.1.3
apple:iphone_os	apple iphone os	eq	1.1.4
apple:iphone_os	apple iphone os	eq	1.1.5

Rows per page:

1-10 of 481

References

lists.apple.com/archives/security-announce/2013/Oct/msg00003.html

lists.apple.com/archives/security-announce/2013/Oct/msg00009.html

lists.apple.com/archives/security-announce/2013/Sep/msg00006.html

secunia.com/advisories/54886

support.apple.com/kb/HT5934

support.apple.com/kb/HT6001

www.securitytracker.com/id/1029054

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.034 Low

EPSS

Percentile

91.5%

JSON

Related for CVE-2013-1046

cvelist1 nvd1 prion1 nessus7 securityvulns6