Remote Code Execution Vulnerability in Apple Safari WebKit
CVE-2014-1268

Currently unrated

Key Information:

Vendor: Apple
Status: Safari; Mac Os X; Mac Os X Server; Webkit
Vendor: CVE Published:; 27 February 2014

Summary

Apple Safari, leveraging the WebKit engine, contains a vulnerability that allows remote attackers to execute arbitrary code or induce a denial of service. This issue arises from memory corruption, enabling attackers to manipulate the Safari browser through specially crafted websites. Users of Safari versions prior to 6.1.2 and 7.x before 7.0.2 are particularly at risk, as their browsers can crash, leading to a disrupted user experience and potential data compromise.

References

http://support.apple.com/kb/HT6145

x_refsource_CONFIRM

https://support.apple.com/kb/HT6537

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 27, 2014
Vulnerability Reserved
Jan 8, 2014