6.8

CVE-2014-1270

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269.

Data is provided by the National Vulnerability Database (NVD)
AppleSafari Version <= 6.1.1
AppleSafari Version6.0
AppleSafari Version6.0.1
AppleSafari Version6.0.2
AppleSafari Version6.0.3
AppleSafari Version6.0.4
AppleSafari Version6.0.5
AppleSafari Version6.1
AppleSafari Version7.0
AppleSafari Version7.0.1
ApplemacOS X Version10.7.0
ApplemacOS X Version10.7.1
ApplemacOS X Version10.7.2
ApplemacOS X Version10.7.3
ApplemacOS X Version10.7.4
ApplemacOS X Version10.7.5
ApplemacOS X Version10.8.0
ApplemacOS X Version10.8.1
ApplemacOS X Version10.8.2
ApplemacOS X Version10.8.3
ApplemacOS X Version10.8.4
ApplemacOS X Version10.8.5
ApplemacOS X Version10.8.5 Updatesupplemental_update
ApplemacOS X Version10.9
ApplemacOS X Version10.9.1
ApplemacOS X Server Version10.7.0
ApplemacOS X Server Version10.7.1
ApplemacOS X Server Version10.7.2
ApplemacOS X Server Version10.7.3
ApplemacOS X Server Version10.7.4
ApplemacOS X Server Version10.7.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 1.05% 0.766
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.