WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2014-04-02T15:00:00
Updated: 2024-08-06T09:34:41.125Z
Reserved: 2014-01-08T00:00:00
Link: CVE-2014-1297
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-04-02T16:17:06.870
Modified: 2014-04-02T17:07:49.410
Link: CVE-2014-1297
Redhat