CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2014-1334
https://notcve.org/view.php?id=CVE-2014-1334
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. WebKit, utilizado en Apple Safari anterior a 6.1.4 y 7.x anterior a 7.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit listados en APPLE-SA-2014-05-21-1. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://support.apple.com/kb/HT6254 http://www.securityfocus.com/bid/67553 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2014-1337
https://notcve.org/view.php?id=CVE-2014-1337
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. WebKit, utilizado en Apple Safari anterior a 6.1.4 y 7.x anterior a 7.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit listados en APPLE-SA-2014-05-21-1. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://support.apple.com/kb/HT6254 http://www.securityfocus.com/bid/67553 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2014-1336
https://notcve.org/view.php?id=CVE-2014-1336
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. WebKit, utilizado en Apple Safari anterior a 6.1.4 y 7.x anterior a 7.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit listados en APPLE-SA-2014-05-21-1. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://support.apple.com/kb/HT6254 http://www.securityfocus.com/bid/67553 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2014-1335
https://notcve.org/view.php?id=CVE-2014-1335
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. WebKit, utilizado en Apple Safari anterior a 6.1.4 y 7.x anterior a 7.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit listados en APPLE-SA-2014-05-21-1. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://support.apple.com/kb/HT6254 http://www.securityfocus.com/bid/67553 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 8%CPEs: 8EXPL: 1CVE-2013-6835 – Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass
https://notcve.org/view.php?id=CVE-2013-6835
TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote attackers to obtain telephone number or e-mail address information via a facetime-audio: URL. TelephonyUI Framework en Apple iOS 7 anterior a 7.1, cuando Safari es utilizado, no requiere confirmación de usuario para llamadas de audio FaceTime, lo que permite a atacantes remotos obtener información de número de teléfono o dirección de email a través de una URL facetime-audio:. Facetime allows video calls for iOS. Facetime-Audio, added in iOS 7, allows audio only calls. The audio version uses a vulnerable URL scheme which is not used by Facetime Video. • https://www.exploit-db.com/exploits/39114 http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html http://seclists.org/bugtraq/2014/Mar/63 http://seclists.org/fulldisclosure/2014/Mar/92 http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6441 http://www.securityfocus.com/bid/66108 • CWE-264: Permissions, Privileges, and Access Controls •