CVE-2014-4468
published 2014-12-10CVE-2014-4468: WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of…
PriorityP428medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
0.84%
75.1th percentile
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv | — | — |
| apple | ios | — | — |
| apple | iphone_os | <= 8.1.2 | — |
| apple | itunes | <= 12.1 | — |
| apple | itunes | — | — |
| apple | safari | <= 6.2.0 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | tvos | <= 7.0.1 | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
Apple
CVE-2014-4468: iOS 8.1.3
vendor_apple·CVSS 6.8
CVE-2014-4468 [MEDIUM] CVE-2014-4468: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4468
Component: CVE-2014-4459
Apple
CVE-2014-4468: Apple TV 7.0.3
vendor_apple·CVSS 6.8
CVE-2014-4468 [MEDIUM] CVE-2014-4468: Apple TV 7.0.3
Apple Security Update: About the security content of Apple TV 7.0.3
Product: Apple TV
Version: 7.0.3
CVE: CVE-2014-4468
Component: CVE-2014-4459
Apple
CVE-2014-4468: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2014-4468 [MEDIUM] CVE-2014-4468: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2014-4468
Component: CVE-2014-4459
GHSA
GHSA-fh4w-w6mr-m97f: WebKit, as used in Apple Safari before 6
ghsa_unreviewed·2022-05-14
CVE-2014-4468 [MEDIUM] GHSA-fh4w-w6mr-m97f: WebKit, as used in Apple Safari before 6
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
OSV
CVE-2014-4468: WebKit, as used in Apple Safari before 6
osv·2014-12-10·CVSS 6.8
CVE-2014-4468 [MEDIUM] CVE-2014-4468: WebKit, as used in Apple Safari before 6
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://support.apple.com/HT204245http://support.apple.com/HT204246http://support.apple.com/kb/HT6596http://www.securityfocus.com/bid/71459https://support.apple.com/kb/HT204949http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://support.apple.com/HT204245http://support.apple.com/HT204246http://support.apple.com/kb/HT6596http://www.securityfocus.com/bid/71459https://support.apple.com/kb/HT204949
2014-12-10
Published