CVE-2014-4459
published 2014-11-18CVE-2014-4459: Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an…
PriorityP336medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
3.82%
88.3th percentile
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv | — | — |
| apple | ios | — | — |
| apple | iphone_os | < 8.1.3 | 8.1.3 |
| apple | itunes | < 12.2 | 12.2 |
| apple | itunes | — | — |
| apple | mac_os_x | < 10.10.1 | 10.10.1 |
| apple | safari | >= 6.0 < 6.2.1 | 6.2.1 |
| apple | safari | >= 7.0 < 7.1.1 | 7.1.1 |
| apple | safari | >= 8.0 < 8.0.1 | 8.0.1 |
| apple | tvos | < 7.0.3 | 7.0.3 |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
Apple
CVE-2014-4472: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4472 [MEDIUM] CVE-2014-4472: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4472
Component: CVE-2014-4459
Apple
CVE-2014-4469: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4469 [MEDIUM] CVE-2014-4469: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4469
Component: CVE-2014-4459
Apple
CVE-2014-4470: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4470 [MEDIUM] CVE-2014-4470: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4470
Component: CVE-2014-4459
Apple
CVE-2015-1069: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1069 [MEDIUM] CVE-2015-1069: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1069
Component: CVE-2014-4459
Apple
CVE-2014-4475: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4475 [MEDIUM] CVE-2014-4475: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4475
Component: CVE-2014-4459
Apple
CVE-2014-4459: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4459 [MEDIUM] CVE-2014-4459: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4459
Component: CVE-2014-4459
Apple
CVE-2015-1068: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1068 [MEDIUM] CVE-2015-1068: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1068
Component: CVE-2014-4459
Apple
CVE-2015-1070: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1070 [MEDIUM] CVE-2015-1070: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1070
Component: CVE-2014-4459
Apple
CVE-2014-4474: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4474 [MEDIUM] CVE-2014-4474: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4474
Component: CVE-2014-4459
Apple
CVE-2014-4471: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4471 [MEDIUM] CVE-2014-4471: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4471
Component: CVE-2014-4459
Apple
CVE-2014-4473: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4473 [MEDIUM] CVE-2014-4473: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4473
Component: CVE-2014-4459
Apple
CVE-2014-4479: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4479 [MEDIUM] CVE-2014-4479: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4479
Component: CVE-2014-4459
Apple
CVE-2014-4470: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4470 [MEDIUM] CVE-2014-4470: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4470
Component: CVE-2014-4459
Apple
CVE-2014-4477: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4477 [MEDIUM] CVE-2014-4477: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4477
Component: CVE-2014-4459
Apple
CVE-2014-4459: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4459 [MEDIUM] CVE-2014-4459: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4459
Component: CVE-2014-4459
Apple
CVE-2014-4472: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4472 [MEDIUM] CVE-2014-4472: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4472
Component: CVE-2014-4459
Apple
CVE-2015-1071: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1071 [MEDIUM] CVE-2015-1071: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1071
Component: CVE-2014-4459
Apple
CVE-2014-4469: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4469 [MEDIUM] CVE-2014-4469: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4469
Component: CVE-2014-4459
Apple
CVE-2014-4466: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4466 [MEDIUM] CVE-2014-4466: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4466
Component: CVE-2014-4459
Apple
CVE-2014-4479: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4479 [MEDIUM] CVE-2014-4479: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4479
Component: CVE-2014-4459
Apple
CVE-2014-4474: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4474 [MEDIUM] CVE-2014-4474: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4474
Component: CVE-2014-4459
Apple
CVE-2014-4477: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4477 [MEDIUM] CVE-2014-4477: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4477
Component: CVE-2014-4459
Apple
CVE-2014-4471: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4471 [MEDIUM] CVE-2014-4471: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4471
Component: CVE-2014-4459
Apple
CVE-2014-4474: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4474 [MEDIUM] CVE-2014-4474: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4474
Component: CVE-2014-4459
Apple
CVE-2014-4473: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4473 [MEDIUM] CVE-2014-4473: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4473
Component: CVE-2014-4459
Apple
CVE-2014-4476: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4476 [MEDIUM] CVE-2014-4476: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4476
Component: CVE-2014-4459
Apple
CVE-2014-4472: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4472 [MEDIUM] CVE-2014-4472: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4472
Component: CVE-2014-4459
Apple
CVE-2014-4475: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4475 [MEDIUM] CVE-2014-4475: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4475
Component: CVE-2014-4459
Apple
CVE-2014-4471: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4471 [MEDIUM] CVE-2014-4471: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4471
Component: CVE-2014-4459
Apple
CVE-2014-4476: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4476 [MEDIUM] CVE-2014-4476: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4476
Component: CVE-2014-4459
Apple
CVE-2014-4468: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4468 [MEDIUM] CVE-2014-4468: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4468
Component: CVE-2014-4459
Apple
CVE-2014-4466: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4466 [MEDIUM] CVE-2014-4466: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4466
Component: CVE-2014-4459
Apple
CVE-2014-4469: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4469 [MEDIUM] CVE-2014-4469: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4469
Component: CVE-2014-4459
Apple
CVE-2014-4475: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4475 [MEDIUM] CVE-2014-4475: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4475
Component: CVE-2014-4459
Apple
CVE-2014-4473: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4473 [MEDIUM] CVE-2014-4473: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4473
Component: CVE-2014-4459
Apple
CVE-2014-4459: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4459 [MEDIUM] CVE-2014-4459: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4459
Component: CVE-2014-4459
Apple
CVE-2014-4468: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4468 [MEDIUM] CVE-2014-4468: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4468
Component: CVE-2014-4459
Apple
CVE-2014-4470: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4470 [MEDIUM] CVE-2014-4470: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4470
Component: CVE-2014-4459
Apple
CVE-2014-4476: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4476 [MEDIUM] CVE-2014-4476: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4476
Component: CVE-2014-4459
Apple
CVE-2014-4466: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4466 [MEDIUM] CVE-2014-4466: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4466
Component: CVE-2014-4459
Apple
CVE-2014-4479: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4479 [MEDIUM] CVE-2014-4479: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4479
Component: CVE-2014-4459
Apple
CVE-2014-4477: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4477 [MEDIUM] CVE-2014-4477: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4477
Component: CVE-2014-4459
Apple
CVE-2014-4468: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4468 [MEDIUM] CVE-2014-4468: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4468
Component: CVE-2014-4459
GHSA
GHSA-h395-cmgw-5cf8: Use-after-free vulnerability in WebKit, as used in Apple OS X before 10
ghsa_unreviewed·2022-05-14
CVE-2014-4459 [MEDIUM] GHSA-h395-cmgw-5cf8: Use-after-free vulnerability in WebKit, as used in Apple OS X before 10
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
OSV
CVE-2014-4459: Use-after-free vulnerability in WebKit, as used in Apple OS X before 10
osv·2014-11-18·CVSS 6.8
CVE-2014-4459 [MEDIUM] CVE-2014-4459: Use-after-free vulnerability in WebKit, as used in Apple OS X before 10
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2014/Nov/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://secunia.com/advisories/62503http://support.apple.com/HT204245http://support.apple.com/HT204246http://support.apple.com/kb/HT6596http://www.securityfocus.com/bid/71144http://www.securitytracker.com/id/1031230https://exchange.xforce.ibmcloud.com/vulnerabilities/98784https://support.apple.com/en-us/HT204419https://support.apple.com/en-us/HT6591https://support.apple.com/kb/HT204949http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2014/Nov/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://secunia.com/advisories/62503http://support.apple.com/HT204245http://support.apple.com/HT204246http://support.apple.com/kb/HT6596http://www.securityfocus.com/bid/71144http://www.securitytracker.com/id/1031230https://exchange.xforce.ibmcloud.com/vulnerabilities/98784https://support.apple.com/en-us/HT204419https://support.apple.com/en-us/HT6591https://support.apple.com/kb/HT204949
2014-11-18
Published