The SQLite authorizer in the Storage functionality in WebKit in Apple Safari prior to 6.2.7, 7.x prior to 7.1.7, and 8.x prior to 8.0.7, as used in Apple iOS prior to 8.4 and other products, does not properly restrict access to SQL functions, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |
||
apple iphone os |
||
apple safari 7.0 |
||
apple safari 7.0.1 |
||
apple safari 7.1.1 |
||
apple safari 7.1.2 |
||
apple safari 8.0.2 |
||
apple safari 8.0.3 |
||
apple safari 7.0.4 |
||
apple safari 7.0.5 |
||
apple safari 7.1.5 |
||
apple safari 7.1.6 |
||
apple safari 8.0.6 |
||
apple safari 7.0.2 |
||
apple safari 7.0.3 |
||
apple safari 7.1.3 |
||
apple safari 7.1.4 |
||
apple safari 8.0.4 |
||
apple safari 8.0.5 |
||
apple safari |
||
apple safari 7.0.6 |
||
apple safari 7.1.0 |
||
apple safari 8.0 |
||
apple safari 8.0.1 |