Fluid Attacks Database

Description

Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package
rpm rhel6	webkitgtk
rpm rhel7	webkitgtk3

Aliases

1. CVE-2014-13032. NVD-2014-13033. OSV-2014-1303

References

1. https://github.com/RKX1209/CVE-2014-1303

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.