CVE-2014-1294
tvOS < 6.0.2 - Remote Code Execution via WebKit Memory Corruption
Title source: llmDescription
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/kb/HT6537
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT6163
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT6162
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
Scores
EPSS
0.0212
EPSS Percentile
79.7%
Details
CWE
CWE-119
Status
published
Products (10)
apple/iphone_os
7.0
apple/iphone_os
7.0.1
apple/iphone_os
7.0.2
apple/iphone_os
7.0.3
apple/iphone_os
7.0.4
apple/iphone_os
7.0.5
apple/iphone_os
< 7.0.6
apple/tvos
6.0
apple/tvos
6.0.1
apple/tvos
< 6.0.2
Published
Mar 14, 2014
Tracked Since
Feb 18, 2026