CVE-2014-4459 - OpenCVE

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apple	Iphone Os Tvos Safari Itunes Mac Os X

Configuration 1 [-]

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:a:apple:safari::::::::

Configuration 2 [-]

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html	Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html	Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html	Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html	Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html	Mailing List Vendor Advisory
http://secunia.com/advisories/62503	Third Party Advisory
http://support.apple.com/HT204245	Vendor Advisory
http://support.apple.com/HT204246	Vendor Advisory
http://support.apple.com/kb/HT6596	Vendor Advisory
http://www.securityfocus.com/bid/71144	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031230	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/98784	Third Party Advisory VDB Entry
https://support.apple.com/en-us/HT204419	Vendor Advisory
https://support.apple.com/en-us/HT6591	Vendor Advisory
https://support.apple.com/kb/HT204949	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apple

Published: 2014-11-18T11:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2014-06-20T00:00:00

Link: CVE-2014-4459

JSON object: View

NVD Information

Status : Analyzed

Published: 2014-11-18T11:59:06.747

Modified: 2019-07-16T12:22:39.063

Link: CVE-2014-4459

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-11-17T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/HT204245"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/HT204246"}, {"name": "APPLE-SA-2015-06-30-6", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"}, {"name": "1031230", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031230"}, {"name": "62503", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62503"}, {"name": "APPLE-SA-2014-11-17-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/en-us/HT204419"}, {"name": "APPLE-SA-2015-01-27-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"}, {"name": "71144", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71144"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/kb/HT204949"}, {"name": "APPLE-SA-2015-01-27-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT6596"}, {"name": "APPLE-SA-2014-12-2-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/en-us/HT6591"}, {"name": "macosx-cve20144459-code-exec(98784)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98784"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-4459", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://support.apple.com/HT204245", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204245"}, {"name": "http://support.apple.com/HT204246", "refsource": "CONFIRM", "url": "http://support.apple.com/HT204246"}, {"name": "APPLE-SA-2015-06-30-6", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"}, {"name": "1031230", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031230"}, {"name": "62503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62503"}, {"name": "APPLE-SA-2014-11-17-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html"}, {"name": "https://support.apple.com/en-us/HT204419", "refsource": "CONFIRM", "url": "https://support.apple.com/en-us/HT204419"}, {"name": "APPLE-SA-2015-01-27-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"}, {"name": "71144", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71144"}, {"name": "https://support.apple.com/kb/HT204949", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT204949"}, {"name": "APPLE-SA-2015-01-27-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"}, {"name": "http://support.apple.com/kb/HT6596", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6596"}, {"name": "APPLE-SA-2014-12-2-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"}, {"name": "https://support.apple.com/en-us/HT6591", "refsource": "CONFIRM", "url": "https://support.apple.com/en-us/HT6591"}, {"name": "macosx-cve20144459-code-exec(98784)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98784"}]}}}}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-4459", "datePublished": "2014-11-18T11:00:00", "dateReserved": "2014-06-20T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "848C5E8F-340F-463F-91A6-AB75CA4E6E68", "versionEndExcluding": "6.2.1", "versionStartIncluding": "6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "DDDE5EF4-7915-4943-AA99-72DF69286739", "versionEndExcluding": "7.1.1", "versionStartIncluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FA0AB84-C050-42CD-BFA1-EA2B70C774A9", "versionEndExcluding": "8.0.1", "versionStartIncluding": "8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "915153E7-23A1-4214-B59A-7CF71D3ED765", "versionEndExcluding": "10.10.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "6422B418-EC35-4757-9D8F-66920733970D", "versionEndExcluding": "8.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "matchCriteriaId": "76E53E3D-DDAE-4716-B851-92884CBAF0E2", "versionEndExcluding": "12.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "882872DC-9FE2-4FE8-AD5D-C14BBB2CAC3A", "versionEndExcluding": "7.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document."}, {"lang": "es", "value": "Una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en WebKit, usado en Apple OS X anterior a 10.10.1, permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de objetos de p\u00e1gina en un documento HTML."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/416.html\" rel=\"nofollow\">CWE-416: Use After Free</a>\n\nPer an <a href=\"http://support.apple.com/en-us/HT204246\" rel=\"nofollow\">Apple Security Advisory</a> Apple TV before 7.0.3 was also vulnerable.\nPer an <a href=\"http://support.apple.com/en-us/HT204245\" rel=\"nofollow\">Apple Security Advisory</a> Apple iOS before 8.1.3 was also vulnerable.\nPer an <a href=\"http://support.apple.com/en-us/HT6596\" rel=\"nofollow\">Apple Security Advisory</a> Apple Safari before versions 8.0.1, 7.1.1 and 6.2.1 were also vulnerable.\n\nThese product additions are reflected in the vulnerable configuration.", "id": "CVE-2014-4459", "lastModified": "2019-07-16T12:22:39.063", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-11-18T11:59:06.747", "references": [{"source": "product-security@apple.com", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"}, {"source": "product-security@apple.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/62503"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/HT204245"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/HT204246"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT6596"}, {"source": "product-security@apple.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/71144"}, {"source": "product-security@apple.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1031230"}, {"source": "product-security@apple.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98784"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT204419"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT6591"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/kb/HT204949"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}