2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2015-1155" ,
"sourceIdentifier" : "product-security@apple.com" ,
"published" : "2015-05-08T00:59:03.953" ,
2024-11-22 23:14:22 +00:00
"lastModified" : "2024-11-21T02:24:47.570" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site."
} ,
{
"lang" : "es" ,
"value" : "La implementaci\u00f3n de historial en WebKit, utilizado en Apple Safari anterior a 6.2.6, 7.x anterior a 7.1.6, y 8.x anterior a 8.0.6, permite a atacantes remotos evadir Same Origin Policy y leer ficheros arbitrarios a trav\u00e9s de un sitio web manipulado."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N" ,
2024-11-22 23:14:22 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
2024-11-22 23:14:22 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-264"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "8.3" ,
"matchCriteriaId" : "EB31BE7C-CB6D-447E-AFF8-618998950FC5"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "6.2.5" ,
"matchCriteriaId" : "C2354C83-9358-405A-9336-38D43BA143AC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "391B4255-4434-4EB3-929B-3E593D9CD249"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "40B87D10-55B3-42E7-8FF6-93EDF003337D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "49457917-495E-4D17-A0AB-D2A163D4721D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "223B13DA-9328-46C2-8426-3182D55E6669"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AD636DF3-E590-4603-9D18-CC2375A97750"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A0F8336F-D0F8-4337-9DF6-51B60F8A2E9B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "79C2EF49-A9F0-4612-903A-A3A95805277E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0E1934F2-5917-4C15-8869-82C557BF430D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "845A67F0-7BE6-482C-AE49-D8E9B272BA6C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6A5C7D83-EA9E-4E26-910D-8471252723EF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BE29EE2D-9EA8-4486-BC3F-B0CCF9C396F6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7FDB5E2A-F3BD-4500-922E-A191C45DE93C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E55F641-AC7F-41AD-BB6A-F69831DAD49E"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" ,
"source" : "product-security@apple.com"
} ,
{
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" ,
"source" : "product-security@apple.com"
} ,
{
"url" : "http://support.apple.com/kb/HT204941" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://www.securityfocus.com/bid/74527" ,
"source" : "product-security@apple.com"
} ,
{
"url" : "http://www.securitytracker.com/id/1032270" ,
"source" : "product-security@apple.com"
} ,
{
"url" : "http://www.ubuntu.com/usn/USN-2937-1" ,
"source" : "product-security@apple.com"
} ,
{
"url" : "https://support.apple.com/HT204826" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
2024-11-22 23:14:22 +00:00
} ,
{
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://support.apple.com/kb/HT204941" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://www.securityfocus.com/bid/74527" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securitytracker.com/id/1032270" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.ubuntu.com/usn/USN-2937-1" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://support.apple.com/HT204826" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
