CVE-2014-1369Improper Input Validation in Apple Safari

CWE-20Improper Input Validation2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.5%
top 32.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedJul 1
Latest updateMay 17

Description

WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-assisted remote attackers to access file: URLs by leveraging a URL drag operation that originates at a crafted web site.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDapple/safari6.1.4+15

🔴Vulnerability Details

1
GHSA
GHSA-g2j5-42fr-66xq: WebKit in Apple Safari before 62022-05-17
CVE-2014-1369 — Improper Input Validation in Apple | cvebase