Vulnerability-Lookup

	Vendor	Product	Description
	Apple	Safari	versions antérieures à Safari 6.1.1
	Apple	Safari	Versions antérieures à Safari 7.0.1

CVE-2013-2909 (GCVE-0-2013-2909)

Vulnerability from cvelistv5 – Published: 2013-10-02 10:00 – Updated: 2024-08-06 15:52

Summary

Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings.

Severity

No CVSS data available.

CWE

n/a

Assigner

Chrome

References

12 references

URL	Tags
https://src.chromium.org/viewvc/blink?revision=15…	x_refsource_CONFIRM
http://googlechromereleases.blogspot.com/2013/10/…	x_refsource_CONFIRM
http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2014-0…	vendor-advisoryx_refsource_SUSE
http://www.debian.org/security/2013/dsa-2785	vendor-advisoryx_refsource_DEBIAN
https://code.google.com/p/chromium/issues/detail?…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://code.google.com/p/chromium/issues/detail?…	x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Date Public

2013-10-01 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:52:21.157Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://src.chromium.org/viewvc/blink?revision=156580\u0026view=revision"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "name": "openSUSE-SU-2014:0065",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
          },
          {
            "name": "DSA-2785",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2785"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/chromium/issues/detail?id=265838"
          },
          {
            "name": "openSUSE-SU-2013:1556",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "openSUSE-SU-2013:1861",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/chromium/issues/detail?id=279277"
          },
          {
            "name": "oval:org.mitre.oval:def:19012",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19012"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-10-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://src.chromium.org/viewvc/blink?revision=156580\u0026view=revision"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "name": "openSUSE-SU-2014:0065",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
        },
        {
          "name": "DSA-2785",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2785"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.google.com/p/chromium/issues/detail?id=265838"
        },
        {
          "name": "openSUSE-SU-2013:1556",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "openSUSE-SU-2013:1861",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.google.com/p/chromium/issues/detail?id=279277"
        },
        {
          "name": "oval:org.mitre.oval:def:19012",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19012"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2013-2909",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://src.chromium.org/viewvc/blink?revision=156580\u0026view=revision",
              "refsource": "CONFIRM",
              "url": "https://src.chromium.org/viewvc/blink?revision=156580\u0026view=revision"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "openSUSE-SU-2014:0065",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
            },
            {
              "name": "DSA-2785",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2785"
            },
            {
              "name": "https://code.google.com/p/chromium/issues/detail?id=265838",
              "refsource": "CONFIRM",
              "url": "https://code.google.com/p/chromium/issues/detail?id=265838"
            },
            {
              "name": "openSUSE-SU-2013:1556",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "openSUSE-SU-2013:1861",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
            },
            {
              "name": "https://code.google.com/p/chromium/issues/detail?id=279277",
              "refsource": "CONFIRM",
              "url": "https://code.google.com/p/chromium/issues/detail?id=279277"
            },
            {
              "name": "oval:org.mitre.oval:def:19012",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19012"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2013-2909",
    "datePublished": "2013-10-02T10:00:00.000Z",
    "dateReserved": "2013-04-11T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:52:21.157Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5195 (GCVE-0-2013-5195)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

3 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:51.762Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5195",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5195",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:51.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5196 (GCVE-0-2013-5196)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

5 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:51.819Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5196",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5196",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:51.819Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5197 (GCVE-0-2013-5197)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

5 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:51.836Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5197",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5197",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:51.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5198 (GCVE-0-2013-5198)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

5 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:51.970Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5198",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5198",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:51.970Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5199 (GCVE-0-2013-5199)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

6 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://www.securityfocus.com/bid/64361	vdb-entryx_refsource_BID
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:52.084Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "name": "64361",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64361"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "name": "64361",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64361"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5199",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "64361",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64361"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5199",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:52.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5225 (GCVE-0-2013-5225)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

5 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:52.388Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5225",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5225",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:52.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5227 (GCVE-0-2013-5227)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

6 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://www.securityfocus.com/bid/64355	vdb-entryx_refsource_BID
http://support.apple.com/kb/HT6441	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:52.280Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "name": "64355",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64355"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6441"
          },
          {
            "name": "APPLE-SA-2014-09-17-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-04T17:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "name": "64355",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64355"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6441"
        },
        {
          "name": "APPLE-SA-2014-09-17-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5227",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "64355",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64355"
            },
            {
              "name": "http://support.apple.com/kb/HT6441",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6441"
            },
            {
              "name": "APPLE-SA-2014-09-17-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5227",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:52.280Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-5228 (GCVE-0-2013-5228)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

Severity

No CVSS data available.

CWE

n/a

Assigner

apple

References

5 references

URL	Tags
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Date Public

2013-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:52.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01.000Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5228",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5228",
    "datePublished": "2013-12-18T11:00:00.000Z",
    "dateReserved": "2013-08-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T17:06:52.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2013-AVI-677

Solution

Tags

Sightings

Nomenclature

Action not permitted

CERTA-2013-AVI-677

Solution

CVE-2013-2909 (GCVE-0-2013-2909)

CVE-2013-5195 (GCVE-0-2013-5195)

CVE-2013-5196 (GCVE-0-2013-5196)

CVE-2013-5197 (GCVE-0-2013-5197)

CVE-2013-5198 (GCVE-0-2013-5198)

CVE-2013-5199 (GCVE-0-2013-5199)

CVE-2013-5225 (GCVE-0-2013-5225)

CVE-2013-5227 (GCVE-0-2013-5227)

CVE-2013-5228 (GCVE-0-2013-5228)

Tags

Sightings

Nomenclature