CVE-2014-1363: Buffer Overflow
First published: Tue Jul 01 2014(Updated: )
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| tvOS | <=6.1.1 | |
| tvOS | =6.0 | |
| tvOS | =6.0.1 | |
| tvOS | =6.0.2 | |
| tvOS | =6.1 | |
| Apple Mobile Safari | <=6.1.4 | |
| Apple Mobile Safari | =6.0 | |
| Apple Mobile Safari | =6.0.1 | |
| Apple Mobile Safari | =6.0.2 | |
| Apple Mobile Safari | =6.0.3 | |
| Apple Mobile Safari | =6.0.4 | |
| Apple Mobile Safari | =6.0.5 | |
| Apple Mobile Safari | =6.1 | |
| Apple Mobile Safari | =6.1.1 | |
| Apple Mobile Safari | =6.1.2 | |
| Apple Mobile Safari | =6.1.3 | |
| Apple Mobile Safari | =7.0 | |
| Apple Mobile Safari | =7.0.1 | |
| Apple Mobile Safari | =7.0.2 | |
| Apple Mobile Safari | =7.0.3 | |
| Apple Mobile Safari | =7.0.4 | |
| iStyle @cosme iPhone OS | <=7.1.1 | |
| iStyle @cosme iPhone OS | =7.0 | |
| iStyle @cosme iPhone OS | =7.0.1 | |
| iStyle @cosme iPhone OS | =7.0.2 | |
| iStyle @cosme iPhone OS | =7.0.3 | |
| iStyle @cosme iPhone OS | =7.0.4 | |
| iStyle @cosme iPhone OS | =7.0.5 | |
| iStyle @cosme iPhone OS | =7.0.6 | |
| iStyle @cosme iPhone OS | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0171.html
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html
- http://secunia.com/advisories/59481
- http://www.securitytracker.com/id/1030495
- https://support.apple.com/kb/HT6537
Frequently Asked Questions
What is the severity of CVE-2014-1363?
CVE-2014-1363 is classified as a critical vulnerability that allows remote attackers to execute arbitrary code.
How do I fix CVE-2014-1363?
To fix CVE-2014-1363, update affected Apple products to the latest version that addresses this vulnerability.
Which versions are affected by CVE-2014-1363?
CVE-2014-1363 affects Apple iOS versions prior to 7.1.2, Apple Safari versions before 6.1.5 and 7.x versions before 7.0.5, and Apple TV versions prior to 6.1.2.
What types of attacks can exploit CVE-2014-1363?
CVE-2014-1363 can be exploited through crafted websites leading to memory corruption and potential application crashes.
Is CVE-2014-1363 being actively exploited in the wild?
There have been reports indicating that CVE-2014-1363 may be actively exploited, making prompt remediation essential.
- agent/references
- agent/type
- agent/severity
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/tvos
- version/tvos/6.1.1
- version/tvos/6.0
- version/tvos/6.0.1
- version/tvos/6.0.2
- version/tvos/6.1
- canonical/apple mobile safari
- version/apple mobile safari/6.1.4
- version/apple mobile safari/6.0
- version/apple mobile safari/6.0.1
- version/apple mobile safari/6.0.2
- version/apple mobile safari/6.0.3
- version/apple mobile safari/6.0.4
- version/apple mobile safari/6.0.5
- version/apple mobile safari/6.1
- version/apple mobile safari/6.1.1
- version/apple mobile safari/6.1.2
- version/apple mobile safari/6.1.3
- version/apple mobile safari/7.0
- version/apple mobile safari/7.0.1
- version/apple mobile safari/7.0.2
- version/apple mobile safari/7.0.3
- version/apple mobile safari/7.0.4
- canonical/istyle @cosme iphone os
- version/istyle @cosme iphone os/7.1.1
- version/istyle @cosme iphone os/7.0
- version/istyle @cosme iphone os/7.0.1
- version/istyle @cosme iphone os/7.0.2
- version/istyle @cosme iphone os/7.0.3
- version/istyle @cosme iphone os/7.0.4
- version/istyle @cosme iphone os/7.0.5
- version/istyle @cosme iphone os/7.0.6
- version/istyle @cosme iphone os/7.1