Tenable8324.PRMSafari < 6.1.5 / 7.0.5 Multiple Vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
84.2%
The remote host has Safari installed that is older than 6.1.4 or 7.0.4, and is thus unpatched for the following WebKit vulnerabilities :
- Multiple memory corruption issues within WebKit, which were addressed through improved memory handling (CVE-2014-1325, CVE-2014-1340, CVE-2014-1362, CVE-2014-1363, CVE-2014-1364, CVE-2014-1365, CVE-2014-1366, CVE-2014-1367, CVE-2014-1368, CVE-2014-1382)
- URL spoofing vulnerability due to improper encoding of domain names (CVE-2014-1345)
- Information disclosure vulnerability wherein URLs dragged between windows could allow disclosure of local file content (CVE-2014-1369)
Binary data 8324.prmReferences
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1325
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1340
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1345
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1362
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1363
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1364
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1365
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1366
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1367
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1368
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1369
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1382
packetstormsecurity.com/files/126780/Apple-Security-Advisory-2014-05-12-1.html
support.apple.com/kb/HT6293
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
84.2%