CVE-2012-3650

medium

Description

WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SVG images, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

References

http://www.securityfocus.com/bid/54703

http://support.apple.com/kb/HT5503

http://support.apple.com/kb/HT5400

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html

Details

Source: Mitre, NVD

Published: 2012-07-25

Updated: 2013-03-22

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N