Security Advisory

CVE-2014-1297

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-04-02 15:00:00

Last updated 2024-08-06 09:34:41

Assigner apple

State PUBLISHED

Description

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access.

← Browse all CVEs View on cve.org ↗