Lucene search

[email protected]CVE-2014-5318

HistorySep 26, 2014 - 10:55 a.m.

CVE-2014-5318

2014-09-2610:55:04

CWE-264

[email protected]

web.nvd.nist.gov

information security

ios

same origin policy

javascript

cve-2014-5318

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.7%

JSON

The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

Affected configurations

NVD

Node

jigjigbrowser\+Range≤1.8.1

jigjigbrowser\+Match1.8.0

CPENameOperatorVersion
jig:jigbrowser\+jig jigbrowser+le1.8.1
jig:jigbrowser\+jig jigbrowser+eq1.8.0

CPE	Name	Operator	Version
jig:jigbrowser\+	jig jigbrowser+	le	1.8.1
jig:jigbrowser\+	jig jigbrowser+	eq	1.8.0

References

jvn.jp/en/jp/JVN80531230/index.html

jvndb.jvn.jp/jvndb/JVNDB-2014-000108

www.securityfocus.com/bid/70146

www.facebook.com/jigbrowserplus

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for CVE-2014-5318

nvd1 jvn1 prion1 cvelist1