6.8

CVE-2015-1153

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiTunes Version <= 12.2
AppleSafari Version <= 6.2.5
AppleSafari Version7.0
AppleSafari Version7.0.1
AppleSafari Version7.0.2
AppleSafari Version7.0.3
AppleSafari Version7.0.4
AppleSafari Version7.0.5
AppleSafari Version7.0.6
AppleSafari Version7.1.0
AppleSafari Version7.1.1
AppleSafari Version7.1.2
AppleSafari Version7.1.3
AppleSafari Version7.1.4
AppleSafari Version7.1.5
AppleSafari Version8.0.0
AppleSafari Version8.0.1
AppleSafari Version8.0.2
AppleSafari Version8.0.3
AppleSafari Version8.0.4
AppleSafari Version8.0.5
AppleiPhone OS Version <= 8.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.13% 0.862
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html
Patch
Vendor Advisory
https://support.apple.com/HT205221
Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
Vendor Advisory
http://support.apple.com/kb/HT204941
Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
http://www.ubuntu.com/usn/USN-2937-1
http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html
Patch
Vendor Advisory
https://support.apple.com/kb/HT204949
Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/May/msg00000.html
Vendor Advisory
http://www.securitytracker.com/id/1032270
https://support.apple.com/HT204826
Vendor Advisory
http://www.securityfocus.com/bid/74523