CyberSec.Space Logo
Back to CVE Browser

CVE-2014-1300

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1260%
EPSS Percentile13.54th
PublishedMar 26, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.

Affected Platforms (CPE)

πŸ“¦
Apple

Safari

= 7.0.2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
πŸ”— http://twitter.com/thezdi/statuses/443796547872903168
πŸ”— http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/
πŸ”— https://support.apple.com/kb/HT6537
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html

Related Vulnerabilities

CVE-2004-053910.0

The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which cou...

CVE-2007-284310.0

Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via J...

CVE-2004-009210.0

Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.

CVE-2008-230310.0

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitra...