cvelistv5 - cve-2013-5197

CVE-2013-5197 (GCVE-0-2013-5197)

Vulnerability from cvelistv5 – Published: 2013-12-18 11:00 – Updated: 2024-08-06 17:06

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE
	http://support.apple.com/kb/HT6163	x_refsource_CONFIRM
	https://support.apple.com/kb/HT6537	x_refsource_CONFIRM
	http://support.apple.com/kb/HT6162	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_APPLE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:06:51.836Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "APPLE-SA-2013-12-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6162"
        },
        {
          "name": "APPLE-SA-2013-12-16-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5197",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6537"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2013-5197",
    "datePublished": "2013-12-18T11:00:00",
    "dateReserved": "2013-08-15T00:00:00",
    "dateUpdated": "2024-08-06T17:06:51.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.1\", \"matchCriteriaId\": \"1CD7CFFE-1DE7-4FE4-ACD3-F9B6C3974373\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BA4B009-6BF2-4174-A05C-77B75C45377C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"136A760D-2873-4216-AB60-E3D93DE82BCF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFF3DFE0-2587-4E91-ACC2-45E9B51EF4C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"076B9C00-EFB0-4284-A617-FAEE341F80FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8851ED07-715F-4F6A-AE29-FA95D069F972\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65EBA204-5E12-429A-9414-400CBAA0BA89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"461EFB63-7933-488C-BB4E-7C913364F5A9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.0\", \"matchCriteriaId\": \"BE6737D1-ED03-4A1D-8973-26FFC15B7FC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.0.6\", \"matchCriteriaId\": \"CF3077AD-297B-4DCA-98B8-5343D24B0C15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.0.2\", \"matchCriteriaId\": \"A095577A-72BD-4F9D-87FC-98976B1583C5\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.\"}, {\"lang\": \"es\", \"value\": \"WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar c\\u00f3digo arbitrario o causar denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria y ca\\u00edda de la aplicaci\\u00f3n) a trav\\u00e9s de una p\\u00e1gina web manipulada, una vulnerabilidad distinta a otros CVEs de WebKit listados en APPLE-SA-2013-12-16-1.\"}]",
      "id": "CVE-2013-5197",
      "lastModified": "2024-11-21T01:57:11.770",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2013-12-18T16:04:28.193",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://support.apple.com/kb/HT6162\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT6163\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT6537\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://support.apple.com/kb/HT6162\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT6163\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT6537\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "product-security@apple.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-5197\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2013-12-18T16:04:28.193\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.\"},{\"lang\":\"es\",\"value\":\"WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una p\u00e1gina web manipulada, una vulnerabilidad distinta a otros CVEs de WebKit listados en APPLE-SA-2013-12-16-1.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.1\",\"matchCriteriaId\":\"1CD7CFFE-1DE7-4FE4-ACD3-F9B6C3974373\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BA4B009-6BF2-4174-A05C-77B75C45377C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"136A760D-2873-4216-AB60-E3D93DE82BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF3DFE0-2587-4E91-ACC2-45E9B51EF4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"076B9C00-EFB0-4284-A617-FAEE341F80FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8851ED07-715F-4F6A-AE29-FA95D069F972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65EBA204-5E12-429A-9414-400CBAA0BA89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"461EFB63-7933-488C-BB4E-7C913364F5A9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.0\",\"matchCriteriaId\":\"BE6737D1-ED03-4A1D-8973-26FFC15B7FC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.0.6\",\"matchCriteriaId\":\"CF3077AD-297B-4DCA-98B8-5343D24B0C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.0.2\",\"matchCriteriaId\":\"A095577A-72BD-4F9D-87FC-98976B1583C5\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT6162\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6163\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT6537\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT6162\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6163\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT6537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTA-2013-AVI-677

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple Safari. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	Safari	versions antérieures à Safari 6.1.1
	Apple	Safari	Versions antérieures à Safari 7.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6082 du 16 décembre 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "versions ant\u00e9rieures \u00e0 Safari 6.1.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Versions ant\u00e9rieures \u00e0 Safari 7.0.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-5197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5197"
    },
    {
      "name": "CVE-2013-2909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2909"
    },
    {
      "name": "CVE-2013-5198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5198"
    },
    {
      "name": "CVE-2013-5225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5225"
    },
    {
      "name": "CVE-2013-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5195"
    },
    {
      "name": "CVE-2013-5228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5228"
    },
    {
      "name": "CVE-2013-5199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5199"
    },
    {
      "name": "CVE-2013-5196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5196"
    },
    {
      "name": "CVE-2013-5227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5227"
    }
  ],
  "links": [],
  "reference": "CERTA-2013-AVI-677",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-12-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple Safari\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6082 du 16 d\u00e9cembre 2013",
      "url": "http://support.apple.com/kb/HT6082"
    }
  ]
}

CERTFR-2014-AVI-116

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Apple TV versions antérieures à 6.1
	Apple	N/A	Apple iOS versions antérieures à 7.1

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6162 du 11 mars 2014	None	vendor-advisory
Bulletin de sécurité Apple HT6163 du 11 mars 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple TV versions ant\u00e9rieures \u00e0 6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple iOS versions ant\u00e9rieures \u00e0 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-1252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1252"
    },
    {
      "name": "CVE-2013-5197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5197"
    },
    {
      "name": "CVE-2013-2909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2909"
    },
    {
      "name": "CVE-2013-5133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5133"
    },
    {
      "name": "CVE-2013-5198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5198"
    },
    {
      "name": "CVE-2014-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1271"
    },
    {
      "name": "CVE-2012-2088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
    },
    {
      "name": "CVE-2013-6625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6625"
    },
    {
      "name": "CVE-2014-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1293"
    },
    {
      "name": "CVE-2014-1273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1273"
    },
    {
      "name": "CVE-2013-6835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6835"
    },
    {
      "name": "CVE-2014-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1290"
    },
    {
      "name": "CVE-2014-1277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1277"
    },
    {
      "name": "CVE-2014-1287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1287"
    },
    {
      "name": "CVE-2014-1280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1280"
    },
    {
      "name": "CVE-2013-5225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5225"
    },
    {
      "name": "CVE-2014-1282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1282"
    },
    {
      "name": "CVE-2014-1279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1279"
    },
    {
      "name": "CVE-2013-2928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2928"
    },
    {
      "name": "CVE-2013-5228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5228"
    },
    {
      "name": "CVE-2014-1278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1278"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-1267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1267"
    },
    {
      "name": "CVE-2014-1269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1269"
    },
    {
      "name": "CVE-2013-2926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2926"
    },
    {
      "name": "CVE-2014-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1281"
    },
    {
      "name": "CVE-2014-1276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1276"
    },
    {
      "name": "CVE-2013-5199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5199"
    },
    {
      "name": "CVE-2013-5196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5196"
    },
    {
      "name": "CVE-2014-1275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1275"
    },
    {
      "name": "CVE-2014-1274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1274"
    },
    {
      "name": "CVE-2013-5227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5227"
    },
    {
      "name": "CVE-2014-1294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1294"
    },
    {
      "name": "CVE-2014-1289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1289"
    },
    {
      "name": "CVE-2014-1285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1285"
    },
    {
      "name": "CVE-2014-1291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1291"
    },
    {
      "name": "CVE-2014-1284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1284"
    },
    {
      "name": "CVE-2014-1270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1270"
    },
    {
      "name": "CVE-2014-1272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1272"
    },
    {
      "name": "CVE-2014-1286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1286"
    },
    {
      "name": "CVE-2013-6635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6635"
    },
    {
      "name": "CVE-2014-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1292"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-116",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6162 du 11 mars 2014",
      "url": "http://support.apple.com/kb/HT6162"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6163 du 11 mars 2014",
      "url": "http://support.apple.com/kb/HT6163"
    }
  ]
}

CERTA-2013-AVI-677

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	Safari	versions antérieures à Safari 6.1.1
	Apple	Safari	Versions antérieures à Safari 7.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6082 du 16 décembre 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "versions ant\u00e9rieures \u00e0 Safari 6.1.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Versions ant\u00e9rieures \u00e0 Safari 7.0.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-5197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5197"
    },
    {
      "name": "CVE-2013-2909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2909"
    },
    {
      "name": "CVE-2013-5198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5198"
    },
    {
      "name": "CVE-2013-5225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5225"
    },
    {
      "name": "CVE-2013-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5195"
    },
    {
      "name": "CVE-2013-5228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5228"
    },
    {
      "name": "CVE-2013-5199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5199"
    },
    {
      "name": "CVE-2013-5196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5196"
    },
    {
      "name": "CVE-2013-5227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5227"
    }
  ],
  "links": [],
  "reference": "CERTA-2013-AVI-677",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-12-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple Safari\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6082 du 16 d\u00e9cembre 2013",
      "url": "http://support.apple.com/kb/HT6082"
    }
  ]
}

CERTFR-2014-AVI-116

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Apple TV versions antérieures à 6.1
	Apple	N/A	Apple iOS versions antérieures à 7.1

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT6162 du 11 mars 2014	None	vendor-advisory
Bulletin de sécurité Apple HT6163 du 11 mars 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple TV versions ant\u00e9rieures \u00e0 6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple iOS versions ant\u00e9rieures \u00e0 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-1252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1252"
    },
    {
      "name": "CVE-2013-5197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5197"
    },
    {
      "name": "CVE-2013-2909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2909"
    },
    {
      "name": "CVE-2013-5133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5133"
    },
    {
      "name": "CVE-2013-5198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5198"
    },
    {
      "name": "CVE-2014-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1271"
    },
    {
      "name": "CVE-2012-2088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
    },
    {
      "name": "CVE-2013-6625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6625"
    },
    {
      "name": "CVE-2014-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1293"
    },
    {
      "name": "CVE-2014-1273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1273"
    },
    {
      "name": "CVE-2013-6835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6835"
    },
    {
      "name": "CVE-2014-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1290"
    },
    {
      "name": "CVE-2014-1277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1277"
    },
    {
      "name": "CVE-2014-1287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1287"
    },
    {
      "name": "CVE-2014-1280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1280"
    },
    {
      "name": "CVE-2013-5225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5225"
    },
    {
      "name": "CVE-2014-1282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1282"
    },
    {
      "name": "CVE-2014-1279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1279"
    },
    {
      "name": "CVE-2013-2928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2928"
    },
    {
      "name": "CVE-2013-5228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5228"
    },
    {
      "name": "CVE-2014-1278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1278"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-1267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1267"
    },
    {
      "name": "CVE-2014-1269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1269"
    },
    {
      "name": "CVE-2013-2926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2926"
    },
    {
      "name": "CVE-2014-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1281"
    },
    {
      "name": "CVE-2014-1276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1276"
    },
    {
      "name": "CVE-2013-5199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5199"
    },
    {
      "name": "CVE-2013-5196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5196"
    },
    {
      "name": "CVE-2014-1275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1275"
    },
    {
      "name": "CVE-2014-1274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1274"
    },
    {
      "name": "CVE-2013-5227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5227"
    },
    {
      "name": "CVE-2014-1294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1294"
    },
    {
      "name": "CVE-2014-1289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1289"
    },
    {
      "name": "CVE-2014-1285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1285"
    },
    {
      "name": "CVE-2014-1291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1291"
    },
    {
      "name": "CVE-2014-1284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1284"
    },
    {
      "name": "CVE-2014-1270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1270"
    },
    {
      "name": "CVE-2014-1272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1272"
    },
    {
      "name": "CVE-2014-1286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1286"
    },
    {
      "name": "CVE-2013-6635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6635"
    },
    {
      "name": "CVE-2014-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1292"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-116",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eApple\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6162 du 11 mars 2014",
      "url": "http://support.apple.com/kb/HT6162"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT6163 du 11 mars 2014",
      "url": "http://support.apple.com/kb/HT6163"
    }
  ]
}

GSD-2013-5197

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-5197

Aliases

CVE-2013-5197

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-5197",
    "description": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.",
    "id": "GSD-2013-5197"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-5197"
      ],
      "details": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.",
      "id": "GSD-2013-5197",
      "modified": "2023-12-13T01:22:21.592741Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2013-5197",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "APPLE-SA-2013-12-16-1",
            "refsource": "APPLE",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
          },
          {
            "name": "http://support.apple.com/kb/HT6163",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT6163"
          },
          {
            "name": "https://support.apple.com/kb/HT6537",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT6537"
          },
          {
            "name": "http://support.apple.com/kb/HT6162",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT6162"
          },
          {
            "name": "APPLE-SA-2013-12-16-2",
            "refsource": "APPLE",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2013-5197"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2013-12-16-2",
              "refsource": "APPLE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
            },
            {
              "name": "APPLE-SA-2013-12-16-1",
              "refsource": "APPLE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
            },
            {
              "name": "http://support.apple.com/kb/HT6163",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT6163"
            },
            {
              "name": "http://support.apple.com/kb/HT6162",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT6162"
            },
            {
              "name": "https://support.apple.com/kb/HT6537",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/kb/HT6537"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2019-03-08T16:06Z",
      "publishedDate": "2013-12-18T16:04Z"
    }
  }
}

FKIE_CVE-2013-5197

Vulnerability from fkie_nvd - Published: 2013-12-18 16:04 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html	Broken Link
product-security@apple.com	http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html	Broken Link
product-security@apple.com	http://support.apple.com/kb/HT6162	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT6163	Vendor Advisory
product-security@apple.com	https://support.apple.com/kb/HT6537	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6162	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT6163	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT6537	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	safari	*
apple	safari	6.0
apple	safari	6.0.1
apple	safari	6.0.2
apple	safari	6.0.3
apple	safari	6.0.4
apple	safari	6.0.5
apple	safari	7.0
apple	webkit	*
apple	itunes	*
apple	iphone_os	*
apple	tvos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CD7CFFE-1DE7-4FE4-ACD3-F9B6C3974373",
              "versionEndIncluding": "6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BA4B009-6BF2-4174-A05C-77B75C45377C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "136A760D-2873-4216-AB60-E3D93DE82BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFF3DFE0-2587-4E91-ACC2-45E9B51EF4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "076B9C00-EFB0-4284-A617-FAEE341F80FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8851ED07-715F-4F6A-AE29-FA95D069F972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "65EBA204-5E12-429A-9414-400CBAA0BA89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE6737D1-ED03-4A1D-8973-26FFC15B7FC5",
              "versionEndIncluding": "12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF3077AD-297B-4DCA-98B8-5343D24B0C15",
              "versionEndIncluding": "7.0.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A095577A-72BD-4F9D-87FC-98976B1583C5",
              "versionEndIncluding": "6.0.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
    },
    {
      "lang": "es",
      "value": "WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una p\u00e1gina web manipulada, una vulnerabilidad distinta a otros CVEs de WebKit listados en APPLE-SA-2013-12-16-1."
    }
  ],
  "id": "CVE-2013-5197",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-12-18T16:04:28.193",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6162"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6163"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6537"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201312-0383

Vulnerability from variot - Updated: 2023-12-18 11:29

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. An attacker may exploit this issue by enticing victims into viewing a malicious webpage. Successful exploits may allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome.

For OS X Mountain Lion systems Safari 6.1 may be obtained from Mac App Store.

For OS X Lion systems Safari 6.1 is available via the Apple Software Update application. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2014-03-10-1 iOS 7.1

iOS 7.1 is now available and addresses the following:

Backup Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted backup can alter the filesystem Description: A symbolic link in a backup would be restored, allowing subsequent operations during the restore to write to the rest of the filesystem. This issue was addressed by checking for symbolic links during the restore process. CVE-ID CVE-2013-5133 : evad3rs

Certificate Trust Policy Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Root certificates have been updated Description: Several certificates were added to or removed from the list of system roots.

Configuration Profiles Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Profile expiration dates were not honored Description: Expiration dates of mobile configuration profiles were not evaluated correctly. The issue was resolved through improved handling of configuration profiles. CVE-ID CVE-2014-1267

CoreCapture Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application can cause an unexpected system termination Description: A reachable assertion issue existed in CoreCapture's handling of IOKit API calls. The issue was addressed through additional validation of input from IOKit. CVE-ID CVE-2014-1271 : Filippo Bigarella

Crash Reporting Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to change permissions on arbitrary files Description: CrashHouseKeeping followed symbolic links while changing permissions on files. This issue was addressed by not following symbolic links when changing permissions on files. CVE-ID CVE-2014-1272 : evad3rs

dyld Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Code signing requirements may be bypassed Description: Text relocation instructions in dynamic libraries may be loaded by dyld without code signature validation. This issue was addressed by ignoring text relocation instructions. CVE-ID CVE-2014-1273 : evad3rs

FaceTime Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to access FaceTime contacts from the lock screen Description: FaceTime contacts on a locked device could be exposed by making a failed FaceTime call from the lock screen. This issue was addressed through improved handling of FaceTime calls. CVE-ID CVE-2014-1274

ImageIO Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 images in PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1275 : Felix Groebert of the Google Security Team

ImageIO Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of TIFF images. This issue was addressed through additional validation of TIFF images. CVE-ID CVE-2012-2088

ImageIO Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted JPEG file may lead to the disclosure of memory contents Description: An uninitialized memory access issue existed in libjpeg's handling of JPEG markers, resulting in the disclosure of memory contents. This issue was addressed through additional validation of JPEG files. CVE-ID CVE-2013-6629 : Michal Zalewski

IOKit HID Event Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may monitor on user actions in other apps Description: An interface in IOKit framework allowed malicious apps to monitor on user actions in other apps. This issue was addressed through improved access control policies in the framework. CVE-ID CVE-2014-1276 : Min Zheng, Hui Xue, and Dr. Tao (Lenx) Wei of FireEye

iTunes Store Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A man-in-the-middle attacker may entice a user into downloading a malicious app via Enterprise App Download Description: An attacker with a privileged network position could spoof network communications to entice a user into downloading a malicious app. This issue was mitigated by using SSL and prompting the user during URL redirects. CVE-ID CVE-2014-1277 : Stefan Esser

Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: An out of bounds memory access issue existed in the ARM ptmx_get_ioctl function. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1278 : evad3rs

Office Viewer Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted Microsoft Word document may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in the handling of Microsoft Word documents. This issue was addressed through improved memory management. CVE-ID CVE-2014-1252 : Felix Groebert of the Google Security Team

Photos Backend Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Deleted images may still appear in the Photos app underneath transparent images Description: Deleting an image from the asset library did not delete cached versions of the image. This issue was addressed through improved cache management. CVE-ID CVE-2014-1281 : Walter Hoelblinger of Hoelblinger.com, Morgan Adams, Tom Pennington

Profiles Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A configuration profile may be hidden from the user Description: A configuration profile with a long name could be loaded onto the device but was not displayed in the profile UI. The issue was addressed through improved handling of profile names. CVE-ID CVE-2014-1282 : Assaf Hefetz, Yair Amit and Adi Sharabani of Skycure

Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: User credentials may be disclosed to an unexpected site via autofill Description: Safari may have autofilled user names and passwords into a subframe from a different domain than the main frame. This issue was addressed through improved origin tracking. CVE-ID CVE-2013-5227 : Niklas Malmgren of Klarna AB

Settings - Accounts Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed in the handling of the Find My iPhone state. This issue was addressed through improved handling of Find My iPhone state. CVE-ID CVE-2014-1284

Springboard Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to see the home screen of the device even if the device has not been activated Description: An unexpected application termination during activation could cause the phone to show the home screen. The issue was addressed through improved error handling during activation. CVE-ID CVE-2014-1285 : Roboboi99

SpringBoard Lock Screen Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to cause the lock screen to become unresponsive Description: A state management issue existed in the lock screen. This issue was addressed through improved state management. CVE-ID CVE-2014-1286 : Bogdan Alecu of M-sec.net

TelephonyUI Framework Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A webpage could trigger a FaceTime audio call without user interaction Description: Safari did not consult the user before launching facetime-audio:// URLs. This issue was addressed with the addition of a confirmation prompt. CVE-ID CVE-2013-6835 : Guillaume Ross

USB Host Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to cause arbitrary code execution in kernel mode Description: A memory corruption issue existed in the handling of USB messages. This issue was addressed through additional validation of USB messages. CVE-ID CVE-2014-1287 : Andy Davis of NCC Group

Video Driver Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Playing a maliciously crafted video could lead to the device becoming unresponsive Description: A null dereference issue existed in the handling of MPEG-4 encoded files. This issue was addressed through improved memory handling. These issues were addressed through improved memory handling. CVE-ID CVE-2013-2909 : Atte Kettunen of OUSPG CVE-2013-2926 : cloudfuzzer CVE-2013-2928 : Google Chrome Security Team CVE-2013-5196 : Google Chrome Security Team CVE-2013-5197 : Google Chrome Security Team CVE-2013-5198 : Apple CVE-2013-5199 : Apple CVE-2013-5225 : Google Chrome Security Team CVE-2013-5228 : Keen Team (@K33nTeam) working with HP's Zero Day Initiative CVE-2013-6625 : cloudfuzzer CVE-2013-6635 : cloudfuzzer CVE-2014-1269 : Apple CVE-2014-1270 : Apple CVE-2014-1289 : Apple CVE-2014-1290 : ant4g0nist (SegFault) working with HP's Zero Day Initiative, Google Chrome Security Team CVE-2014-1291 : Google Chrome Security Team CVE-2014-1292 : Google Chrome Security Team CVE-2014-1293 : Google Chrome Security Team CVE-2014-1294 : Google Chrome Security Team

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

Navigate to Settings
Select General
Select About. The version after applying this update will be "7.1".

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTGlvJAAoJEPefwLHPlZEwh2cP/iOvfDbgv78TKX2hsxttcy8l NTK4EbpYO0rEpqbQukIHwBrb+PtEWK4tdxWPNQV+8GnCPaLqmMXWxHZPkI02qXjI UxYNgPq+9MPcoFFdbbptz4azcwFa0rdsQtxL0MYRrUqW5ml86zjGsVWUDGMDFu9R fuujvU/JOGoIYVxFQziEScnMfryw61b/JObcT/mDzXv/IcKhuMzMfp4cbnXq7Mmx NOpIQ0syx5oH7jadJA72iX7UyUuoydAcD3gaJDbLLfjEM8giDTL/TmH1HpuJjDHq Zmj0NMlMqAztoFzpHZxlJ6kYjFYs7heyWgm3HQ+dwT0cDajFEZUEJGuBBO+P6dwp cVlhDJ87crsP2ctUn46EUGFw5fFZRPEUqm4r0M/3o8z2ZPDqFxIBwMHEEV2LJtuN lKjHYYWTO9BZOg87pm/HLpNqqTEz7J1eDWVJiRh5kZarp8w5KgZhBhYkltlPKwOo Uh1SvUH+CjgNQTObSLv+e2EJ0So8gi3xBGHOrOdcof33fTsyL4WDvHEIvs4l1jUY f29uha46K3dVZpJtFV3xTiwm6fodWgTR4xhWSAAVI2V8V4KLQMEHu7+eV+cURmme JLdVgzxXw0uZHP874Uy60qR+6KBdEkIvgAoDHmd9jLnZMJTQAcn7PjcZz2z/V25u 3bQ2RrEc85Xqs7adpinL =W1ik -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0383",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0.5"
      },
      {
        "model": "webkit",
        "scope": null,
        "trust": 1.4,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "tvos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "itunes",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "12.0"
      },
      {
        "model": "iphone os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "safari",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "webkit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "*"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(windows)"
      },
      {
        "model": "tv",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(apple tv first  2 after generation )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(ipad 2 or later )"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x lion server v10.7.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x mountain lion v10.8.5)"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x mavericks v10.9)"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x lion v10.7.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x mountain lion v10.8.5)"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(ipod touch first  5 after generation )"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "12.0.1"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x lion v10.7.5)"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.1.1"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x lion server v10.7.5)"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(iphone 4 or later )"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x mavericks v10.9)"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "12.0"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.5"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.3"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.2"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "2"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.2-1"
      },
      {
        "model": "esignal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "esignal",
        "version": "6.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.3.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.7"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1.8"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.72"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0.2.20"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.4"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "64358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.0.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "128734"
      },
      {
        "db": "PACKETSTORM",
        "id": "124511"
      },
      {
        "db": "PACKETSTORM",
        "id": "125644"
      },
      {
        "db": "PACKETSTORM",
        "id": "125646"
      }
    ],
    "trust": 0.4
  },
  "cve": "CVE-2013-5197",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2013-5197",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-65199",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-5197",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201312-377",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-65199",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. \nAn attacker may exploit this issue by enticing victims into viewing a malicious webpage. \nSuccessful  exploits may allow attackers to execute arbitrary code in the context of  the affected browser or cause denial-of-service conditions; other attacks may also be possible. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. \n\nFor OS X Mountain Lion systems Safari 6.1 may be obtained from\nMac App Store. \n\nFor OS X Lion systems Safari 6.1 is available via the Apple Software\nUpdate application. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-03-10-1 iOS 7.1\n\niOS 7.1 is now available and addresses the following:\n\nBackup\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A maliciously crafted backup can alter the filesystem\nDescription:  A symbolic link in a backup would be restored, allowing\nsubsequent operations during the restore to write to the rest of the\nfilesystem. This issue was addressed by checking for symbolic links\nduring the restore process. \nCVE-ID\nCVE-2013-5133 : evad3rs\n\nCertificate Trust Policy\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Root certificates have been updated\nDescription:  Several certificates were added to or removed from the\nlist of system roots. \n\nConfiguration Profiles\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Profile expiration dates were not honored\nDescription:  Expiration dates of mobile configuration profiles were\nnot evaluated correctly. The issue was resolved through improved\nhandling of configuration profiles. \nCVE-ID\nCVE-2014-1267\n\nCoreCapture\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application can cause an unexpected system\ntermination\nDescription:  A reachable assertion issue existed in CoreCapture\u0027s\nhandling of IOKit API calls. The issue was addressed through\nadditional validation of input from IOKit. \nCVE-ID\nCVE-2014-1271 : Filippo Bigarella\n\nCrash Reporting\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to change permissions on arbitrary\nfiles\nDescription:  CrashHouseKeeping followed symbolic links while\nchanging permissions on files. This issue was addressed by not\nfollowing symbolic links when changing permissions on files. \nCVE-ID\nCVE-2014-1272 : evad3rs\n\ndyld\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Code signing requirements may be bypassed\nDescription:  Text relocation instructions in dynamic libraries may\nbe loaded by dyld without code signature validation. This issue was\naddressed by ignoring text relocation instructions. \nCVE-ID\nCVE-2014-1273 : evad3rs\n\nFaceTime\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device may be able to\naccess FaceTime contacts from the lock screen\nDescription:  FaceTime contacts on a locked device could be exposed\nby making a failed FaceTime call from the lock screen. This issue was\naddressed through improved handling of FaceTime calls. \nCVE-ID\nCVE-2014-1274\n\nImageIO\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the handling of JPEG2000\nimages in PDF files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-1275 : Felix Groebert of the Google Security Team\n\nImageIO\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in libtiff\u0027s handling of TIFF\nimages. This issue was addressed through additional validation of\nTIFF images. \nCVE-ID\nCVE-2012-2088\n\nImageIO\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted JPEG file may lead to the\ndisclosure of memory contents\nDescription:  An uninitialized memory access issue existed in\nlibjpeg\u0027s handling of JPEG markers, resulting in the disclosure of\nmemory contents. This issue was addressed through additional\nvalidation of JPEG files. \nCVE-ID\nCVE-2013-6629 : Michal Zalewski\n\nIOKit HID Event\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may monitor on user actions in other\napps\nDescription:  An interface in IOKit framework allowed malicious apps\nto monitor on user actions in other apps. This issue was addressed\nthrough improved access control policies in the framework. \nCVE-ID\nCVE-2014-1276 : Min Zheng, Hui Xue, and Dr. Tao (Lenx) Wei of FireEye\n\niTunes Store\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A man-in-the-middle attacker may entice a user into\ndownloading a malicious app via Enterprise App Download\nDescription:  An attacker with a privileged network position could\nspoof network communications to entice a user into downloading a\nmalicious app. This issue was mitigated by using SSL and prompting\nthe user during URL redirects. \nCVE-ID\nCVE-2014-1277 : Stefan Esser\n\nKernel\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to cause an unexpected system\ntermination or arbitrary code execution in the kernel\nDescription:  An out of bounds memory access issue existed in the ARM\nptmx_get_ioctl function. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-1278 : evad3rs\n\nOffice Viewer\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Opening a maliciously crafted Microsoft Word document may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription:  A double free issue existed in the handling of\nMicrosoft Word documents. This issue was addressed through improved\nmemory management. \nCVE-ID\nCVE-2014-1252 : Felix Groebert of the Google Security Team\n\nPhotos Backend\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Deleted images may still appear in the Photos app underneath\ntransparent images\nDescription:  Deleting an image from the asset library did not delete\ncached versions of the image. This issue was addressed through\nimproved cache management. \nCVE-ID\nCVE-2014-1281 : Walter Hoelblinger of Hoelblinger.com, Morgan Adams,\nTom Pennington\n\nProfiles\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A configuration profile may be hidden from the user\nDescription:  A configuration profile with a long name could be\nloaded onto the device but was not displayed in the profile UI. The\nissue was addressed through improved handling of profile names. \nCVE-ID\nCVE-2014-1282 : Assaf Hefetz, Yair Amit and Adi Sharabani of Skycure\n\nSafari\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  User credentials may be disclosed to an unexpected site via\nautofill\nDescription:  Safari may have autofilled user names and passwords\ninto a subframe from a different domain than the main frame. This\nissue was addressed through improved origin tracking. \nCVE-ID\nCVE-2013-5227 : Niklas Malmgren of Klarna AB\n\nSettings - Accounts\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device may be able to\ndisable Find My iPhone without entering an iCloud password\nDescription:  A state management issue existed in the handling of the\nFind My iPhone state. This issue was addressed through improved\nhandling of Find My iPhone state. \nCVE-ID\nCVE-2014-1284\n\nSpringboard\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device may be able to\nsee the home screen of the device even if the device has not been\nactivated\nDescription:  An unexpected application termination during activation\ncould cause the phone to show the home screen. The issue was\naddressed through improved error handling during activation. \nCVE-ID\nCVE-2014-1285 : Roboboi99\n\nSpringBoard Lock Screen\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A remote attacker may be able to cause the lock screen to\nbecome unresponsive\nDescription:  A state management issue existed in the lock screen. \nThis issue was addressed through improved state management. \nCVE-ID\nCVE-2014-1286 : Bogdan Alecu of M-sec.net\n\nTelephonyUI Framework\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A webpage could trigger a FaceTime audio call without user\ninteraction\nDescription:  Safari did not consult the user before launching\nfacetime-audio:// URLs. This issue was addressed with the addition of\na confirmation prompt. \nCVE-ID\nCVE-2013-6835 : Guillaume Ross\n\nUSB Host\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device may be able to\ncause arbitrary code execution in kernel mode\nDescription:  A memory corruption issue existed in the handling of\nUSB messages. This issue was addressed through additional validation\nof USB messages. \nCVE-ID\nCVE-2014-1287 : Andy Davis of NCC Group\n\nVideo Driver\nAvailable for:  iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Playing a maliciously crafted video could lead to the device\nbecoming unresponsive\nDescription:  A null dereference issue existed in the handling of\nMPEG-4 encoded files. This issue was addressed through improved\nmemory handling. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2013-2909 : Atte Kettunen of OUSPG\nCVE-2013-2926 : cloudfuzzer\nCVE-2013-2928 : Google Chrome Security Team\nCVE-2013-5196 : Google Chrome Security Team\nCVE-2013-5197 : Google Chrome Security Team\nCVE-2013-5198 : Apple\nCVE-2013-5199 : Apple\nCVE-2013-5225 : Google Chrome Security Team\nCVE-2013-5228 : Keen Team (@K33nTeam) working with HP\u0027s Zero Day\nInitiative\nCVE-2013-6625 : cloudfuzzer\nCVE-2013-6635 : cloudfuzzer\nCVE-2014-1269 : Apple\nCVE-2014-1270 : Apple\nCVE-2014-1289 : Apple\nCVE-2014-1290 : ant4g0nist (SegFault) working with HP\u0027s Zero Day\nInitiative, Google Chrome Security Team\nCVE-2014-1291 : Google Chrome Security Team\nCVE-2014-1292 : Google Chrome Security Team\nCVE-2014-1293 : Google Chrome Security Team\nCVE-2014-1294 : Google Chrome Security Team\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"7.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJTGlvJAAoJEPefwLHPlZEwh2cP/iOvfDbgv78TKX2hsxttcy8l\nNTK4EbpYO0rEpqbQukIHwBrb+PtEWK4tdxWPNQV+8GnCPaLqmMXWxHZPkI02qXjI\nUxYNgPq+9MPcoFFdbbptz4azcwFa0rdsQtxL0MYRrUqW5ml86zjGsVWUDGMDFu9R\nfuujvU/JOGoIYVxFQziEScnMfryw61b/JObcT/mDzXv/IcKhuMzMfp4cbnXq7Mmx\nNOpIQ0syx5oH7jadJA72iX7UyUuoydAcD3gaJDbLLfjEM8giDTL/TmH1HpuJjDHq\nZmj0NMlMqAztoFzpHZxlJ6kYjFYs7heyWgm3HQ+dwT0cDajFEZUEJGuBBO+P6dwp\ncVlhDJ87crsP2ctUn46EUGFw5fFZRPEUqm4r0M/3o8z2ZPDqFxIBwMHEEV2LJtuN\nlKjHYYWTO9BZOg87pm/HLpNqqTEz7J1eDWVJiRh5kZarp8w5KgZhBhYkltlPKwOo\nUh1SvUH+CjgNQTObSLv+e2EJ0So8gi3xBGHOrOdcof33fTsyL4WDvHEIvs4l1jUY\nf29uha46K3dVZpJtFV3xTiwm6fodWgTR4xhWSAAVI2V8V4KLQMEHu7+eV+cURmme\nJLdVgzxXw0uZHP874Uy60qR+6KBdEkIvgAoDHmd9jLnZMJTQAcn7PjcZz2z/V25u\n3bQ2RrEc85Xqs7adpinL\n=W1ik\n-----END PGP SIGNATURE-----\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "BID",
        "id": "64358"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "db": "PACKETSTORM",
        "id": "124511"
      },
      {
        "db": "PACKETSTORM",
        "id": "125644"
      },
      {
        "db": "PACKETSTORM",
        "id": "125646"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-5197",
        "trust": 3.2
      },
      {
        "db": "JVN",
        "id": "JVNVU94229445",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU90170014",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU98366726",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU97537282",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "64358",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-65199",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "128734",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "124511",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "125644",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "125646",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "db": "BID",
        "id": "64358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "PACKETSTORM",
        "id": "128734"
      },
      {
        "db": "PACKETSTORM",
        "id": "124511"
      },
      {
        "db": "PACKETSTORM",
        "id": "125644"
      },
      {
        "db": "PACKETSTORM",
        "id": "125646"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "id": "VAR-201312-0383",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65199"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:29:38.673000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT6162",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6162"
      },
      {
        "title": "HT6163",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6163"
      },
      {
        "title": "HT6082",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6082"
      },
      {
        "title": "HT6537",
        "trust": 0.8,
        "url": "http://support.apple.com/en-eu/ht6537"
      },
      {
        "title": "HT6084",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6084"
      },
      {
        "title": "HT6084",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6084?viewlocale=ja_jp"
      },
      {
        "title": "HT6162",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6162?viewlocale=ja_jp"
      },
      {
        "title": "HT6163",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6163?viewlocale=ja_jp"
      },
      {
        "title": "HT6537",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/ht6537"
      },
      {
        "title": "HT6082",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht6082?viewlocale=ja_jp"
      },
      {
        "title": "OSXUpd10.9.1",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47151"
      },
      {
        "title": "OSXUpd10.8.5",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47150"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
      },
      {
        "trust": 2.5,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht6162"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht6163"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/kb/ht6537"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5197"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu98366726/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu94229445/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu90170014/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu97537282/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5197"
      },
      {
        "trust": 0.4,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5228"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5196"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5198"
      },
      {
        "trust": 0.4,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.4,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2909"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5225"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5197"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5199"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/safari/download/"
      },
      {
        "trust": 0.3,
        "url": "http://www.webkit.org/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1269"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1270"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2928"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2926"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6635"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6625"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1291"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1290"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1289"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5195"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5227"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6629"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1267"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1271"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1275"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2088"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1278"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1273"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1272"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1292"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6663"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1268"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1300"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2927"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/itunes/download/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1298"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1293"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1294"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1299"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2875"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2871"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/itunes/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5133"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1252"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1274"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1276"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6835"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1277"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1287"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1279"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1282"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1280"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "db": "BID",
        "id": "64358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "PACKETSTORM",
        "id": "128734"
      },
      {
        "db": "PACKETSTORM",
        "id": "124511"
      },
      {
        "db": "PACKETSTORM",
        "id": "125644"
      },
      {
        "db": "PACKETSTORM",
        "id": "125646"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "db": "BID",
        "id": "64358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "db": "PACKETSTORM",
        "id": "128734"
      },
      {
        "db": "PACKETSTORM",
        "id": "124511"
      },
      {
        "db": "PACKETSTORM",
        "id": "125644"
      },
      {
        "db": "PACKETSTORM",
        "id": "125646"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-12-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "date": "2013-12-16T00:00:00",
        "db": "BID",
        "id": "64358"
      },
      {
        "date": "2013-12-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "date": "2014-10-17T15:14:05",
        "db": "PACKETSTORM",
        "id": "128734"
      },
      {
        "date": "2013-12-19T00:22:22",
        "db": "PACKETSTORM",
        "id": "124511"
      },
      {
        "date": "2014-03-11T02:13:44",
        "db": "PACKETSTORM",
        "id": "125644"
      },
      {
        "date": "2014-03-11T02:19:09",
        "db": "PACKETSTORM",
        "id": "125646"
      },
      {
        "date": "2013-12-18T16:04:28.193000",
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "date": "2013-12-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65199"
      },
      {
        "date": "2014-10-21T00:58:00",
        "db": "BID",
        "id": "64358"
      },
      {
        "date": "2014-11-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      },
      {
        "date": "2019-03-08T16:06:29.887000",
        "db": "NVD",
        "id": "CVE-2013-5197"
      },
      {
        "date": "2019-03-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Safari Used in etc.  WebKit Vulnerable to arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005594"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201312-377"
      }
    ],
    "trust": 0.6
  }
}

GHSA-55RC-H8CH-JC7M

Vulnerability from github – Published: 2022-05-14 01:26 – Updated: 2022-05-14 01:26

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-5197"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-12-18T16:04:00Z",
    "severity": "MODERATE"
  },
  "details": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.",
  "id": "GHSA-55rc-h8ch-jc7m",
  "modified": "2022-05-14T01:26:43Z",
  "published": "2022-05-14T01:26:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5197"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT6537"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT6162"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT6163"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-5197 (GCVE-0-2013-5197)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature