CVE-2014-4476

Published Jan 30, 2015

Last updated 6 years ago

CVSS info 6.8

Overview

Description: WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479.
Source: product-security@apple.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81633BA7-0B8F-47FB-BBAE-A75468645972",
            "versionEndIncluding": "6.2.2"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "391B4255-4434-4EB3-929B-3E593D9CD249"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40B87D10-55B3-42E7-8FF6-93EDF003337D"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49457917-495E-4D17-A0AB-D2A163D4721D"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "223B13DA-9328-46C2-8426-3182D55E6669"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD636DF3-E590-4603-9D18-CC2375A97750"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "845A67F0-7BE6-482C-AE49-D8E9B272BA6C"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A5C7D83-EA9E-4E26-910D-8471252723EF"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49ED968C-DBBD-451F-8B03-E7314A8EE7A2",
            "versionEndIncluding": "12.1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31944D25-25B6-4EA4-92B0-6B03921E0CCE",
            "versionEndIncluding": "8.1.2"
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C32F3FB-EBDF-4A80-B7D9-42EDEF5DC6F4",
            "versionEndIncluding": "7.0.1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References