Details of VAR-201403-0270

ID

VAR-201403-0270

CVE

CVE-2014-1292

TITLE

Apple iOS and Apple TV Used in etc. Webkit Vulnerabilities in arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2014-001677

DESCRIPTION

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294. Apple iOS and Apple TV Used in etc. WebKit is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 Safari 6.1.3 and Safari 7.0.3 are now available and address the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. This issue was addressed through additional validation of IPC messages. CVE-ID CVE-2014-1297 : Ian Beer of Google Project Zero For OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3 and Safari 6.1.3 may be obtained from Mac App Store. For OS X Lion systems Safari 6.1.3 is available via the Apple Software Update application. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTOwlLAAoJEPefwLHPlZEwmPYP/AoGVbrVVEQfbWZ/OMER6jCR bDN4ykWdExJFRKr972tsirke9mLrDX1Flqg3jYpqrna6lWsZxk1wA/IXy4TRG97O mpA75r7853lCJ482h5XImTdv6wWqMfTTNR1YzsK+TCLZA3sDlByQ4yshwGWhOf1Q nY+hPpaC05PEmPeNKMWw6PA9IgA9e84uy0b/3+c2acOUZ9aAYEXmydPySY+5uYLa ecXjvee83LVTu8Pq2/C9yCJ1kI1EMix6Q3CTb2Cv/Dtgu1q7rZMG7qKieFpMKO2J xM7RYm1qPNlZ4hf+ZPX+D4+k6g2sZMqYdocdG1qXubk8m314CinHajdsZH9jXDHO 01gnYeMRp2IUBJlClQ7mPyIveJqJV9XpzvMTciuTVEuhzWhMaazzly8dp+8NCu4Q QShPJKqAq16ACJqqOarwo8xaSumZ3UcKhVrD0Gxo1/dhzO1Hy52yo7WrWLaOVH89 bXPeVMfYIF0V9xysbixNmBIEro0mYDuor/XlXBFicZAjmyGEVE04K4UjenMeDoYO /1A2zaVyM9MD50y+X/rFErtz2cj7uNcZ1XSNqPdGameoti5WvvoRbKs/D/H7E8bX p8JDoVJoy46fOBfwNv6eaQYTGYzgtdoEtmTKL3zDauQC1bxI1Jwtma07S97D2SyJ urMcI/V2h8JnGD4sS/7L =kHuK -----END PGP SIGNATURE----- . ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2015-0001 ------------------------------------------------------------------------ Date reported : January 26, 2015 Advisory ID : WSA-2015-0001 Advisory URL : http://webkitgtk.org/security/WSA-2015-0001.html Affected versions : 2.4 series before 2.4.1, 2.4.2 and 2.4.8. CVE identifiers : CVE-2013-2871, CVE-2014-1292, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1311, CVE-2014-1313, CVE-2014-1713, CVE-2014-1297, CVE-2013-2875, CVE-2013-2927, CVE-2014-1323, CVE-2014-1326, CVE-2014-1329, CVE-2014-1330, CVE-2014-1331, CVE-2014-1333, CVE-2014-1334, CVE-2014-1335, CVE-2014-1336, CVE-2014-1337, CVE-2014-1338, CVE-2014-1339, CVE-2014-1341, CVE-2014-1342, CVE-2014-1343, CVE-2014-1731, CVE-2014-1346, CVE-2014-1344, CVE-2014-1384, CVE-2014-1385, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390. Several vulnerabilities were discovered on the 2.4 stable series of WebKitGTK+. CVE-2013-2871 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to miaubiz. CVE-2014-1292 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Google Chrome Security Team. CVE-2014-1298 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Google Chrome Security Team. CVE-2014-1299 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Google Chrome Security Team, Apple, Renata Hodovan of University of Szeged / Samsung Electronics. CVE-2014-1300 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Ian Beer of Google Project Zero working with HP's Zero Day Initiative. CVE-2014-1303 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to KeenTeam working with HP's Zero Day Initiative. CVE-2014-1304 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. CVE-2014-1305 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. CVE-2014-1307 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Google Chrome Security Team. CVE-2014-1308 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Google Chrome Security Team. CVE-2014-1309 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to cloudfuzzer. CVE-2014-1311 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Google Chrome Security Team. CVE-2014-1313 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Google Chrome Security Team. CVE-2014-1713 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to VUPEN working with HP's Zero Day Initiative. CVE-2014-1297 Versions affected: WebKitGTK+ 2.4.X before 2.4.1. Credit to Ian Beer of Google Project Zero. WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access. CVE-2013-2875 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to miaubiz. core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2013-2927 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to cloudfuzzer. CVE-2014-1323 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to banty. CVE-2014-1326 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. CVE-2014-1329 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Google Chrome Security Team. CVE-2014-1330 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Google Chrome Security Team. CVE-2014-1331 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to cloudfuzzer. CVE-2014-1333 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Google Chrome Security Team. CVE-2014-1334 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. CVE-2014-1335 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Google Chrome Security Team. CVE-2014-1336 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. CVE-2014-1337 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. CVE-2014-1338 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Google Chrome Security Team. CVE-2014-1339 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Atte Kettunen of OUSPG. CVE-2014-1341 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Google Chrome Security Team. CVE-2014-1342 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. CVE-2014-1343 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Google Chrome Security Team. CVE-2014-1731 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to an anonymous member of the Blink development community. core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. CVE-2014-1346 Versions affected: WebKitGTK+ 2.4.X before 2.4.2. Credit to Erling Ellingsen of Facebook. WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL. CVE-2014-1344 Versions affected: WebKitGTK+ 2.4.X before 2.4.8. Credit to Ian Beer of Google Project Zero. CVE-2014-1384 Versions affected: WebKitGTK+ 2.4.X before 2.4.8. CVE-2014-1385 Versions affected: WebKitGTK+ 2.4.X before 2.4.8. CVE-2014-1387 Versions affected: WebKitGTK+ 2.4.X before 2.4.8. Credit to Google Chrome Security Team. CVE-2014-1388 Versions affected: WebKitGTK+ 2.4.X before 2.4.8. CVE-2014-1389 Versions affected: WebKitGTK+ 2.4.X before 2.4.8. CVE-2014-1390 Versions affected: WebKitGTK+ 2.4.X before 2.4.8. For the 2.4 series, these problems have been fixed in release 2.4.8. Further information about WebKitGTK+ Security Advisories can be found at: http://webkitgtk.org/security.html The WebKitGTK+ team, January 26, 2015

Trust: 2.16

sources: NVD: CVE-2014-1292 // JVNDB: JVNDB-2014-001677 // BID: 66088 // VULHUB: VHN-69231 // PACKETSTORM: 125981 // PACKETSTORM: 130110

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	eq	version:	7.0	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.4	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.5	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.1	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.2	Trust: 1.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.3	Trust: 1.6
vendor:	apple	model:	tvos	scope:	lte	version:	6.0.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	7.0.6	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	6.0.1	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	6.0	Trust: 1.0
vendor:	apple	model:	itunes	scope:	lt	version:	(windows)	Trust: 0.8
vendor:	apple	model:	tv	scope:	eq	version:	6.1	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	(ipod touch no. 5 after generation )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	(ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x mountain lion v10.8.5)	Trust: 0.8
vendor:	apple	model:	tv	scope:	lt	version:	(apple tv no. 2 after generation )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x mavericks v10.9.2)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x lion v10.7.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	7.0.3	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x mountain lion v10.8.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x lion server v10.7.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x lion server v10.7.5)	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	(iphone 4 or later )	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	6.1.3	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x lion v10.7.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x mavericks v10.9.2)	Trust: 0.8
vendor:	apple	model:	itunes	scope:	eq	version:	12.0.1	Trust: 0.8
vendor:	apple	model:	tv	scope:	eq	version:	6.0.1	Trust: 0.6
vendor:	apple	model:	tv	scope:	eq	version:	6.0.2	Trust: 0.6
vendor:	apple	model:	tv	scope:	eq	version:	6.0	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	7.0.6	Trust: 0.6
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.5	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	webkit	model:	open source project webkit r82222	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r77705	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r52833	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r52401	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r51295	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r38566	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r105591	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	2	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.2-1	Trust: 0.3
vendor:	esignal	model:	esignal	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.1.8	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.2.72	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.0.2.20	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.4	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	2.1	Trust: 0.3

sources: BID: 66088 // JVNDB: JVNDB-2014-001677 // CNNVD: CNNVD-201403-272 // NVD: CVE-2014-1292

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-1292
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-1292
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201403-272
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-69231
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-1292
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-69231
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-69231 // JVNDB: JVNDB-2014-001677 // CNNVD: CNNVD-201403-272 // NVD: CVE-2014-1292

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-69231 // JVNDB: JVNDB-2014-001677 // NVD: CVE-2014-1292

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-272

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201403-272

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001677

PATCH

title:	HT6181	url:	http://support.apple.com/kb/HT6181	Trust: 0.8
title:	HT6537	url:	http://support.apple.com/en-eu/HT6537	Trust: 0.8
title:	HT6162	url:	http://support.apple.com/kb/HT6162	Trust: 0.8
title:	HT6163	url:	http://support.apple.com/kb/HT6163	Trust: 0.8
title:	HT6163	url:	http://support.apple.com/kb/HT6163?viewlocale=ja_JP	Trust: 0.8
title:	HT6181	url:	http://support.apple.com/kb/HT6181?viewlocale=ja_JP	Trust: 0.8
title:	HT6537	url:	http://support.apple.com/ja-jp/HT6537	Trust: 0.8
title:	HT6162	url:	http://support.apple.com/kb/HT6162?viewlocale=ja_JP	Trust: 0.8
title:	iPhone6,2_7.1_11D167_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48635	Trust: 0.6
title:	AppleTV3,1_6.1_11D169b_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48637	Trust: 0.6
title:	AppleTV2,1_6.1_11D169b_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48636	Trust: 0.6

sources: JVNDB: JVNDB-2014-001677 // CNNVD: CNNVD-201403-272

EXTERNAL IDS

db:	NVD	id:	CVE-2014-1292	Trust: 3.1
db:	JVN	id:	JVNVU94409290	Trust: 0.8
db:	JVN	id:	JVNVU94229445	Trust: 0.8
db:	JVN	id:	JVNVU90170014	Trust: 0.8
db:	JVN	id:	JVNVU97537282	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-001677	Trust: 0.8
db:	CNNVD	id:	CNNVD-201403-272	Trust: 0.7
db:	BID	id:	66088	Trust: 0.3
db:	VULHUB	id:	VHN-69231	Trust: 0.1
db:	PACKETSTORM	id:	128734	Trust: 0.1
db:	PACKETSTORM	id:	125981	Trust: 0.1
db:	PACKETSTORM	id:	130110	Trust: 0.1

sources: VULHUB: VHN-69231 // BID: 66088 // JVNDB: JVNDB-2014-001677 // PACKETSTORM: 128734 // PACKETSTORM: 125981 // PACKETSTORM: 130110 // CNNVD: CNNVD-201403-272 // NVD: CVE-2014-1292

REFERENCES

url:	http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html	Trust: 2.5
url:	http://support.apple.com/kb/ht6162	Trust: 1.7
url:	http://support.apple.com/kb/ht6163	Trust: 1.7
url:	https://support.apple.com/kb/ht6537	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1292	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu90170014/	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu94409290/index.html	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu97537282/index.html	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu94229445/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1292	Trust: 0.8
url:	http://www.apple.com/ios/	Trust: 0.3
url:	http://www.apple.com/appletv/features.html	Trust: 0.3
url:	http://www.webkit.org/	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1292	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1300	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1298	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1299	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2871	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1291	Trust: 0.2
url:	http://support.apple.com/kb/ht1222	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2928	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2927	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2926	Trust: 0.2
url:	https://www.apple.com/support/security/pgp/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1293	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1290	Trust: 0.2
url:	http://gpgtools.org	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1294	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1289	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2875	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2013-6625	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1304	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1297	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1309	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1308	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1311	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1313	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1305	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1303	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1307	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1269	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1270	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-6663	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5228	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5196	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1268	Trust: 0.1
url:	http://www.apple.com/itunes/download/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5198	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-6635	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5195	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2909	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5225	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5197	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5199	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1312	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1713	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1301	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1310	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1302	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1334	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1337	Trust: 0.1
url:	http://webkitgtk.org/security/wsa-2015-0001.html	Trust: 0.1
url:	http://webkitgtk.org/security.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1336	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1326	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1331	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1338	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1323	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1335	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1333	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1339	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1329	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1330	Trust: 0.1

CREDITS

Apple, ant4g0nist (SegFault) working with HP's Zero Day Initiative, and Google Chrome Security Team.

Trust: 0.3

sources: BID: 66088

SOURCES

db:	VULHUB	id:	VHN-69231
db:	BID	id:	66088
db:	JVNDB	id:	JVNDB-2014-001677
db:	PACKETSTORM	id:	128734
db:	PACKETSTORM	id:	125981
db:	PACKETSTORM	id:	130110
db:	CNNVD	id:	CNNVD-201403-272
db:	NVD	id:	CVE-2014-1292

LAST UPDATE DATE

2025-04-13T20:13:16.693000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-69231	date:	2019-03-08T00:00:00
db:	BID	id:	66088	date:	2015-02-04T00:05:00
db:	JVNDB	id:	JVNDB-2014-001677	date:	2014-11-20T00:00:00
db:	CNNVD	id:	CNNVD-201403-272	date:	2019-03-13T00:00:00
db:	NVD	id:	CVE-2014-1292	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-69231	date:	2014-03-14T00:00:00
db:	BID	id:	66088	date:	2014-03-10T00:00:00
db:	JVNDB	id:	JVNDB-2014-001677	date:	2014-03-17T00:00:00
db:	PACKETSTORM	id:	128734	date:	2014-10-17T15:14:05
db:	PACKETSTORM	id:	125981	date:	2014-04-02T11:02:22
db:	PACKETSTORM	id:	130110	date:	2015-01-27T19:15:58
db:	CNNVD	id:	CNNVD-201403-272	date:	2014-03-14T00:00:00
db:	NVD	id:	CVE-2014-1292	date:	2014-03-14T10:55:06.317