CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1074
https://notcve.org/view.php?id=CVE-2015-1074
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, utilizado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria o caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://www.securitytracker.com/id/1031936 https://support.apple.com/HT204560 https://support.apple.com/HT204661 https://support.apple.com/HT204662 https://support.apple.com/kb/HT204949 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 1%CPEs: 19EXPL: 0CVE-2015-1083
https://notcve.org/view.php?id=CVE-2015-1083
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securitytracker.com/id/1031936 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204560 https://support • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 0CVE-2014-4479
https://notcve.org/view.php?id=CVE-2014-4479
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. WebKit, utilizado en Apple iOS anterior a 8.1.3; Apple Safari anterior a 6.2.3, 7.x anterior a 7.1.3, y 8.x anterior a 8.0.3; y Apple TV anterior a 7.0.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-4476 y CVE-2014-4477. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://support.apple.com/HT204243 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://www.securityfocus.com/bid/72330 http://www.securitytracker.com/id/1031647 https://su • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 0CVE-2014-4476
https://notcve.org/view.php?id=CVE-2014-4476
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. WebKit, utilizado en Apple iOS anterior a 8.1.3; Apple Safari anterior a 6.2.3, 7.x anterior a 7.1.3, y 8.x anterior a 8.0.3; y Apple TV anterior a 7.0.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-4477 y CVE-2014-4479. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://support.apple.com/HT204243 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://www.securityfocus.com/bid/72329 http://www.securitytracker.com/id/1031647 https://su • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 17EXPL: 0CVE-2014-4477 – (Mobile Pwn2Own) Apple Safari Set Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-4477
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479. WebKit, utilizado en Apple iOS anterior a 8.1.3; Apple Safari anterior a 6.2.3, 7.x anterior a 7.1.3, y 8.x anterior a 8.0.3; y Apple TV anterior a 7.0.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-4476 y CVE-2014-4479. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Set objects. The issue lies in the usage of an iterator after clearing the object. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://support.apple.com/HT204243 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://www.securityfocus.com/bid/72331 http://www.securitytracker.com/id/1031647 https://su • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •