Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. <a href"http://cwe.mitre.org/data/definitions/416.html" rel"nofollow">CWE-416: Use After Free</a>
Per an <a href"http://support.apple.com/en-us/HT204246" rel"nofollow">Apple Security Advisory</a> Apple TV before 7.0.3 was also vulnerable.
Per an <a href"http://support.apple.com/en-us/HT204245" rel"nofollow">Apple Security Advisory</a> Apple iOS before 8.1.3 was also vulnerable.
Per an <a href"http://support.apple.com/en-us/HT6596" rel"nofollow">Apple Security Advisory</a> Apple Safari before versions 8.0.1, 7.1.1 and 6.2.1 were also vulnerable.
These product additions are reflected in the vulnerable configuration.
Publication date: Tue, 18 Nov 2014 17:59:00 +0000