4 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-1346
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a...
May 2014 Apple Safari Browser Security Patches
Apple released an update to Safari yesterday patching 22 vulnerabilities in the WebKit browser engine that allow code execution or a browser crash. Safari 7.0.4 is available for OS X Mavericks 10.9 and Safari 6.1.4 for OS X Mountain Lion 10.8. The vulnerabilities could be exploited if the user wa...
Safari < 6.1.4 / 7.0.4 Multiple Vulnerabilities
Binary data 8264.prm...
CVE-2014-1346
CVE-2014-1346 affects WebKit as used in Apple Safari before 6.1.4 and 7.x before 7.0.4. The issue is an encoding/unicode handling flaw in URLs that allows remote attackers to spoof a postMessage origin and bypass restrictions when sending a message to a connected frame/window. Impact is spoofing ...