Lucene search

[email protected]NVD:CVE-2014-4475

HistoryDec 10, 2014 - 9:59 p.m.

CVE-2014-4475

2014-12-1021:59:12

CWE-399

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.4%

JSON

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

Affected configurations

NVD

Node

applesafariRange≤6.2.0

applesafariMatch7.0

applesafariMatch7.0.1

applesafariMatch7.0.2

applesafariMatch7.0.3

applesafariMatch7.0.4

applesafariMatch7.0.5

applesafariMatch7.0.6

applesafariMatch7.1.0

applesafariMatch8.0.0

Node

appleiphone_osRange≤8.1.2

Node

appleitunesRange≤12.1

Node

appletvosRange≤7.0.1

References

lists.apple.com/archives/security-announce/2014/Dec/msg00000.html

lists.apple.com/archives/security-announce/2015/Jan/msg00000.html

lists.apple.com/archives/security-announce/2015/Jan/msg00001.html

lists.apple.com/archives/security-announce/2015/Jun/msg00006.html

support.apple.com/HT204245

support.apple.com/HT204246

support.apple.com/kb/HT6596

www.securityfocus.com/bid/71451

support.apple.com/kb/HT204949

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for NVD:CVE-2014-4475

cve1 ubuntucve1 cvelist1 prion1 openvas1 securityvulns7 nessus5 kaspersky1