PT-2014-4149 · Apple · Safari
Published
2014-07-01
·
Updated
2015-12-08
·
CVE-2014-1369
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apple Safari versions prior to 6.1.5
Apple Safari versions 7.x prior to 7.0.5
Description
The issue allows user-assisted remote attackers to access file: URLs by leveraging a URL drag operation that originates at a crafted web site.
Recommendations
For Apple Safari versions prior to 6.1.5, update to version 6.1.5 or later.
For Apple Safari versions 7.x prior to 7.0.5, update to version 7.0.5 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Safari