New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 5.9
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Apple Safari installed on the remote Mac OS X host is a version prior to 6.2 or 7.1. It is, therefore, affected by the following vulnerabilities :
- An error exists related to saved passwords and the incorrect automatic filling of HTML forms. A remote attacker can exploit this to obtain sensitive information. (CVE-2014-4363)
- Multiple memory corruption errors exist related to the included version of WebKit that can allow application crashes or arbitrary code execution.
(CVE-2013-6663, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4415)
- An error exists related to HTML5 application cache data handling and the included version of WebKit that allows the disclosure of sensitive information from private browsing sessions. (CVE-2014-4409)
SolutionUpgrade to Apple Safari 6.2 / 7.1 or later.