Vulnerability Description
Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Safari | 7.0.2 |
| Apple | Mac Os X | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
- http://twitter.com/thezdi/statuses/443796547872903168
- http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/
- https://support.apple.com/kb/HT6537
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
- http://twitter.com/thezdi/statuses/443796547872903168
- http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/
- https://support.apple.com/kb/HT6537
FAQ
What is CVE-2014-1300?
CVE-2014-1300 is a vulnerability with a CVSS score of 10.0 (HIGH). Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competiti...
How severe is CVE-2014-1300?
CVE-2014-1300 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-1300?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari, Apple Mac Os X.