6.8

CVE-2015-3727

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.

Data is provided by the National Vulnerability Database (NVD)
AppleSafari Version <= 6.2.6
AppleSafari Version7.0
AppleSafari Version7.0.1
AppleSafari Version7.0.2
AppleSafari Version7.0.3
AppleSafari Version7.0.4
AppleSafari Version7.0.5
AppleSafari Version7.0.6
AppleSafari Version7.1.0
AppleSafari Version7.1.1
AppleSafari Version7.1.2
AppleSafari Version7.1.3
AppleSafari Version7.1.4
AppleSafari Version7.1.5
AppleSafari Version7.1.6
AppleSafari Version8.0
AppleSafari Version8.0.1
AppleSafari Version8.0.2
AppleSafari Version8.0.3
AppleSafari Version8.0.4
AppleSafari Version8.0.5
AppleSafari Version8.0.6
AppleiPhone OS Version <= 8.3
ApplemacOS X Version <= 10.10.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.94% 0.753
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P