Login

Tenable Community & Support

Tenable University

CVE-2013-1041

MEDIUM

Description

WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.

References

http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html

http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html

http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html

http://secunia.com/advisories/54886

http://support.apple.com/kb/HT5934

http://support.apple.com/kb/HT6001

http://www.securitytracker.com/id/1029054

Details

Source: MITRE

Published: 2013-09-19

Updated: 2016-11-18

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1.6:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:* versions up to 11.1.3 (inclusive)

Configuration 3

OR

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* versions up to 6.0.5 (inclusive)

Tenable Plugins

View all (10 total)

ID	Name	Product	Family	Severity
72105	Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	high
72104	Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
8048	Safari < 6.1 Multiple Security Vulnerabilities	Nessus Network Monitor	Web Clients	medium
70589	Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	high
70588	Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
70563	Mac OS X : Apple Safari < 6.1 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
70257	Apple TV < 6.0 Multiple Vulnerabilities	Nessus	Misc.	high
69984	Apple iOS < 7 Multiple Vulnerabilities	Nessus	Mobile Devices	high
8095	iTunes for Windows < 11.1.4 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
8013	Apple iOS < 7.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	critical