CVE-2014-4459

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
References
Link Resource
http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html Mailing List Vendor Advisory
http://secunia.com/advisories/62503 Third Party Advisory
http://support.apple.com/HT204245 Vendor Advisory
http://support.apple.com/HT204246 Vendor Advisory
http://support.apple.com/kb/HT6596 Vendor Advisory
http://www.securityfocus.com/bid/71144 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031230 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/98784 Third Party Advisory VDB Entry
https://support.apple.com/en-us/HT204419 Vendor Advisory
https://support.apple.com/en-us/HT6591 Vendor Advisory
https://support.apple.com/kb/HT204949 Vendor Advisory
http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html Mailing List Vendor Advisory
http://secunia.com/advisories/62503 Third Party Advisory
http://support.apple.com/HT204245 Vendor Advisory
http://support.apple.com/HT204246 Vendor Advisory
http://support.apple.com/kb/HT6596 Vendor Advisory
http://www.securityfocus.com/bid/71144 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031230 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/98784 Third Party Advisory VDB Entry
https://support.apple.com/en-us/HT204419 Vendor Advisory
https://support.apple.com/en-us/HT6591 Vendor Advisory
https://support.apple.com/kb/HT204949 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:10

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html - Mailing List, Vendor Advisory
References () http://secunia.com/advisories/62503 - Third Party Advisory () http://secunia.com/advisories/62503 - Third Party Advisory
References () http://support.apple.com/HT204245 - Vendor Advisory () http://support.apple.com/HT204245 - Vendor Advisory
References () http://support.apple.com/HT204246 - Vendor Advisory () http://support.apple.com/HT204246 - Vendor Advisory
References () http://support.apple.com/kb/HT6596 - Vendor Advisory () http://support.apple.com/kb/HT6596 - Vendor Advisory
References () http://www.securityfocus.com/bid/71144 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/71144 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1031230 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1031230 - Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/98784 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/98784 - Third Party Advisory, VDB Entry
References () https://support.apple.com/en-us/HT204419 - Vendor Advisory () https://support.apple.com/en-us/HT204419 - Vendor Advisory
References () https://support.apple.com/en-us/HT6591 - Vendor Advisory () https://support.apple.com/en-us/HT6591 - Vendor Advisory
References () https://support.apple.com/kb/HT204949 - Vendor Advisory () https://support.apple.com/kb/HT204949 - Vendor Advisory

Information

Published : 2014-11-18 11:59

Updated : 2024-11-21 02:10


NVD link : CVE-2014-4459

Mitre link : CVE-2014-4459

CVE.ORG link : CVE-2014-4459


JSON object : View

Products Affected

apple

  • mac_os_x
  • itunes
  • iphone_os
  • safari
  • tvos