6.8

CVE-2015-3727

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version <= 6.2.6
AppleSafari Version7.0
AppleSafari Version7.0.1
AppleSafari Version7.0.2
AppleSafari Version7.0.3
AppleSafari Version7.0.4
AppleSafari Version7.0.5
AppleSafari Version7.0.6
AppleSafari Version7.1.0
AppleSafari Version7.1.1
AppleSafari Version7.1.2
AppleSafari Version7.1.3
AppleSafari Version7.1.4
AppleSafari Version7.1.5
AppleSafari Version7.1.6
AppleSafari Version8.0
AppleSafari Version8.0.1
AppleSafari Version8.0.2
AppleSafari Version8.0.3
AppleSafari Version8.0.4
AppleSafari Version8.0.5
AppleSafari Version8.0.6
AppleiPhone OS Version <= 8.3
ApplemacOS X Version <= 10.10.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.94% 0.753
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P