Details of VAR-201404-0220

ID

VAR-201404-0220

CVE

CVE-2014-1301

TITLE

Apple Safari Used in etc. WebKit Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2014-001873

DESCRIPTION

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 Safari 6.1.3 and Safari 7.0.3 are now available and address the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2013-2871 : miaubiz CVE-2013-2926 : cloudfuzzer CVE-2013-2928 : Google Chrome Security Team CVE-2013-6625 : cloudfuzzer CVE-2014-1289 : Apple CVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day Initiative, Google Chrome Security Team CVE-2014-1291 : Google Chrome Security Team CVE-2014-1292 : Google Chrome Security Team CVE-2014-1293 : Google Chrome Security Team CVE-2014-1294 : Google Chrome Security Team CVE-2014-1298 : Google Chrome Security Team CVE-2014-1299 : Google Chrome Security Team, Apple, Renata Hodovan of University of Szeged / Samsung Electronics CVE-2014-1300 : Ian Beer of Google Project Zero working with HP's Zero Day Initiative CVE-2014-1301 : Google Chrome Security Team CVE-2014-1302 : Google Chrome Security Team, Apple CVE-2014-1303 : KeenTeam working with HP's Zero Day Initiative CVE-2014-1304 : Apple CVE-2014-1305 : Apple CVE-2014-1307 : Google Chrome Security Team CVE-2014-1308 : Google Chrome Security Team CVE-2014-1309 : cloudfuzzer CVE-2014-1310 : Google Chrome Security Team CVE-2014-1311 : Google Chrome Security Team CVE-2014-1312 : Google Chrome Security Team CVE-2014-1313 : Google Chrome Security Team CVE-2014-1713 : VUPEN working with HP's Zero Day Initiative WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2 Impact: An attacker running arbitary code in the WebProcess may be able to read arbitrary files despite sandbox restrictions Description: A logic issue existed in the handling of IPC messages from the WebProcess. This issue was addressed through additional validation of IPC messages. CVE-ID CVE-2014-1297 : Ian Beer of Google Project Zero For OS X Mavericks and OS X Mountain Lion systems, Safari 7.0.3 and Safari 6.1.3 may be obtained from Mac App Store. For OS X Lion systems Safari 6.1.3 is available via the Apple Software Update application. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTOwlLAAoJEPefwLHPlZEwmPYP/AoGVbrVVEQfbWZ/OMER6jCR bDN4ykWdExJFRKr972tsirke9mLrDX1Flqg3jYpqrna6lWsZxk1wA/IXy4TRG97O mpA75r7853lCJ482h5XImTdv6wWqMfTTNR1YzsK+TCLZA3sDlByQ4yshwGWhOf1Q nY+hPpaC05PEmPeNKMWw6PA9IgA9e84uy0b/3+c2acOUZ9aAYEXmydPySY+5uYLa ecXjvee83LVTu8Pq2/C9yCJ1kI1EMix6Q3CTb2Cv/Dtgu1q7rZMG7qKieFpMKO2J xM7RYm1qPNlZ4hf+ZPX+D4+k6g2sZMqYdocdG1qXubk8m314CinHajdsZH9jXDHO 01gnYeMRp2IUBJlClQ7mPyIveJqJV9XpzvMTciuTVEuhzWhMaazzly8dp+8NCu4Q QShPJKqAq16ACJqqOarwo8xaSumZ3UcKhVrD0Gxo1/dhzO1Hy52yo7WrWLaOVH89 bXPeVMfYIF0V9xysbixNmBIEro0mYDuor/XlXBFicZAjmyGEVE04K4UjenMeDoYO /1A2zaVyM9MD50y+X/rFErtz2cj7uNcZ1XSNqPdGameoti5WvvoRbKs/D/H7E8bX p8JDoVJoy46fOBfwNv6eaQYTGYzgtdoEtmTKL3zDauQC1bxI1Jwtma07S97D2SyJ urMcI/V2h8JnGD4sS/7L =kHuK -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2014-1301 // JVNDB: JVNDB-2014-001873 // BID: 66584 // VULHUB: VHN-69240 // PACKETSTORM: 125981

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	eq	version:	6.1	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	6.0.1	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	6.0.2	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	6.0.5	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	6.0	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	6.1.1	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	6.0.4	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	6.0.3	Trust: 1.6
vendor:	apple	model:	itunes	scope:	lte	version:	12.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	lte	version:	6.1.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	apple	model:	itunes	scope:	lt	version:	(windows)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x mountain lion v10.8.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x mavericks v10.9.2)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x lion v10.7.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x lion server v10.7.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	7.0.3	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x mountain lion v10.8.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x lion server v10.7.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	6.1.3	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	(os x lion v10.7.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.x (os x mavericks v10.9.2)	Trust: 0.8
vendor:	apple	model:	itunes	scope:	eq	version:	12.0.1	Trust: 0.8
vendor:	apple	model:	itunes	scope:	eq	version:	12.0	Trust: 0.6
vendor:	apple	model:	safari	scope:	eq	version:	6.1.2	Trust: 0.6
vendor:	esignal	model:	esignal	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.1.8	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.3.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.2.72	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	8.0.2.20	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	7.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10	Trust: 0.3

sources: BID: 66584 // JVNDB: JVNDB-2014-001873 // CNNVD: CNNVD-201404-041 // NVD: CVE-2014-1301

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-1301
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-1301
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201404-041
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-69240
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-1301
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-69240
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-69240 // JVNDB: JVNDB-2014-001873 // CNNVD: CNNVD-201404-041 // NVD: CVE-2014-1301

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-69240 // JVNDB: JVNDB-2014-001873 // NVD: CVE-2014-1301

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-041

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201404-041

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001873

PATCH

title:	HT6537	url:	http://support.apple.com/en-eu/HT6537	Trust: 0.8
title:	HT6181	url:	http://support.apple.com/kb/HT6181	Trust: 0.8
title:	HT6181	url:	http://support.apple.com/kb/HT6181?viewlocale=ja_JP	Trust: 0.8
title:	HT6537	url:	http://support.apple.com/ja-jp/HT6537	Trust: 0.8
title:	iPhone6,2_7.0.3_11B511_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49087	Trust: 0.6
title:	Safari6.1.3MountainLion	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49086	Trust: 0.6

sources: JVNDB: JVNDB-2014-001873 // CNNVD: CNNVD-201404-041

EXTERNAL IDS

db:	NVD	id:	CVE-2014-1301	Trust: 2.9
db:	JVN	id:	JVNVU94409290	Trust: 0.8
db:	JVN	id:	JVNVU97537282	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-001873	Trust: 0.8
db:	SECUNIA	id:	57688	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2014-04-01-1	Trust: 0.6
db:	CNNVD	id:	CNNVD-201404-041	Trust: 0.6
db:	BID	id:	66584	Trust: 0.4
db:	VULHUB	id:	VHN-69240	Trust: 0.1
db:	PACKETSTORM	id:	125981	Trust: 0.1

sources: VULHUB: VHN-69240 // BID: 66584 // JVNDB: JVNDB-2014-001873 // PACKETSTORM: 125981 // CNNVD: CNNVD-201404-041 // NVD: CVE-2014-1301

REFERENCES

url:	http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html	Trust: 2.5
url:	https://support.apple.com/kb/ht6537	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1301	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu94409290/	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu97537282/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1301	Trust: 0.8
url:	http://secunia.com/advisories/57688	Trust: 0.6
url:	http://www.webkit.org/	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1304	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1291	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1292	Trust: 0.1
url:	http://support.apple.com/kb/ht1222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1297	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2928	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1312	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1309	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1308	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1300	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1311	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1313	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1298	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2926	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1713	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1290	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1305	Trust: 0.1
url:	http://gpgtools.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1294	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1289	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1301	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1303	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1299	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1310	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-6625	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1302	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-2871	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1307	Trust: 0.1

sources: VULHUB: VHN-69240 // BID: 66584 // JVNDB: JVNDB-2014-001873 // PACKETSTORM: 125981 // CNNVD: CNNVD-201404-041 // NVD: CVE-2014-1301

CREDITS

Google Chrome Security Team

Trust: 0.3

sources: BID: 66584

SOURCES

db:	VULHUB	id:	VHN-69240
db:	BID	id:	66584
db:	JVNDB	id:	JVNDB-2014-001873
db:	PACKETSTORM	id:	125981
db:	CNNVD	id:	CNNVD-201404-041
db:	NVD	id:	CVE-2014-1301

LAST UPDATE DATE

2025-04-13T21:52:46.516000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-69240	date:	2016-12-22T00:00:00
db:	BID	id:	66584	date:	2014-10-17T19:04:00
db:	JVNDB	id:	JVNDB-2014-001873	date:	2014-11-20T00:00:00
db:	CNNVD	id:	CNNVD-201404-041	date:	2014-04-04T00:00:00
db:	NVD	id:	CVE-2014-1301	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-69240	date:	2014-04-02T00:00:00
db:	BID	id:	66584	date:	2014-04-02T00:00:00
db:	JVNDB	id:	JVNDB-2014-001873	date:	2014-04-03T00:00:00
db:	PACKETSTORM	id:	125981	date:	2014-04-02T11:02:22
db:	CNNVD	id:	CNNVD-201404-041	date:	2014-04-04T00:00:00
db:	NVD	id:	CVE-2014-1301	date:	2014-04-02T16:17:06.947