FKIE_CVE-2014-4465

Vulnerability from fkie_nvd - Published: 2014-12-10 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.
References
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2014/Dec/msg00000.htmlVendor Advisory
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00000.htmlVendor Advisory
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2015/Jan/msg00001.htmlVendor Advisory
product-security@apple.comhttp://support.apple.com/HT204245Vendor Advisory
product-security@apple.comhttp://support.apple.com/HT204246Vendor Advisory
product-security@apple.comhttp://support.apple.com/kb/HT6596Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/HT204245Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/HT204246Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6596Vendor Advisory
Impacted products
Vendor Product Version
apple tvos *
apple iphone_os *
apple safari *
apple safari 7.1.0
apple safari 8.0.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C32F3FB-EBDF-4A80-B7D9-42EDEF5DC6F4",
              "versionEndIncluding": "7.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31944D25-25B6-4EA4-92B0-6B03921E0CCE",
              "versionEndIncluding": "8.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38C89287-A21B-4DB4-BC79-8B63CF7E9670",
              "versionEndIncluding": "6.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "845A67F0-7BE6-482C-AE49-D8E9B272BA6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element."
    },
    {
      "lang": "es",
      "value": "WebKit en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1 permite a atacantes remotos evadir Same Origin Policy a trav\u00e9s de secuencias del token CSS (Cascading Style Sheets) dentro de un fichero SVG en el atributo SRC de un elemento IMG."
    }
  ],
  "evaluatorComment": "Per an \u003ca href=\"http://support.apple.com/en-us/HT204246\"\u003eApple Security Advisory\u003c/a\u003e Apple TV  before 7.0.3 was also vulnerable.\nPer an \u003ca href=\"http://support.apple.com/en-us/HT204245\"\u003eApple Security Advisory\u003c/a\u003e Apple iOS before 8.1.3 was also vulnerable.\n\nThese product additions are reflected in the vulnerable configuration.",
  "id": "CVE-2014-4465",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-12-10T21:59:03.257",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/HT204245"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/HT204246"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/HT204245"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/HT204246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6596"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.