CVE-2014-1362
Apple tvOS < 6.1.1 - Remote Code Execution via Memory Corruption
Title source: llmDescription
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/kb/HT6537
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59481
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030495
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-06/0171.html
Scores
EPSS
0.0253
EPSS Percentile
83.1%
Details
CWE
CWE-119
Status
published
Products (30)
apple/iphone_os
7.0
apple/iphone_os
7.0.1
apple/iphone_os
7.0.2
apple/iphone_os
7.0.3
apple/iphone_os
7.0.4
apple/iphone_os
7.0.5
apple/iphone_os
7.0.6
apple/iphone_os
7.1
apple/iphone_os
< 7.1.1
apple/safari
7.0
... and 20 more
Published
Jul 01, 2014
Tracked Since
Feb 18, 2026