CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-1303

Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.448

EPSS Ranking 97.5%

CVSS Severity

CVSS v2 Score 10.0

References

http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
http://twitter.com/thezdi/statuses/444157530139136000
http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/
https://support.apple.com/kb/HT6537
http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
http://twitter.com/thezdi/statuses/444157530139136000
http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/
https://support.apple.com/kb/HT6537

Products affected by CVE-2014-1303

Apple » Safari » Version: 7.0.2

cpe:2.3:a:apple:safari:7.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-1303

Products

Pricing

Contact Us