4.3
CVE-2015-1155
- EPSS 10.95%
- Veröffentlicht 08.05.2015 00:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.95% | 0.953 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://support.apple.com/kb/HT204941
http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
http://www.ubuntu.com/usn/USN-2937-1
http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html
http://lists.apple.com/archives/security-announce/2015/May/msg00000.html
http://www.securitytracker.com/id/1032270
https://support.apple.com/HT204826
http://www.securityfocus.com/bid/74527