admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-36xx/CVE-2015-3658.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

248 lines
8.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-3658",
"sourceIdentifier": "product-security@apple.com",
"published": "2015-07-03T01:59:17.370",
"lastModified": "2016-12-28T02:59:14.183",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site."
},
{
"lang": "es",
"value": "La funcionalidad Page Loading en WebKit en Apple Safari anterior a 6.2.7, 7.x anterior a 7.1.7, y 8.x anterior a 8.0.7, utilizado en Apple iOS anterior a 8.4 y otros productos, no considera correctamente las redirecciones durante decisiones sobre el env\u00edo de una cabecera Origin, lo que facilita a atacantes remotos evadir los mecanismos de protecci\u00f3n CSRF a trav\u00e9s de un sitio web manipulado."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-254"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.2.6",
"matchCriteriaId": "F3CBE396-522D-42D2-90D8-EC816E582642"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "391B4255-4434-4EB3-929B-3E593D9CD249"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "40B87D10-55B3-42E7-8FF6-93EDF003337D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49457917-495E-4D17-A0AB-D2A163D4721D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "223B13DA-9328-46C2-8426-3182D55E6669"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD636DF3-E590-4603-9D18-CC2375A97750"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F8336F-D0F8-4337-9DF6-51B60F8A2E9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79C2EF49-A9F0-4612-903A-A3A95805277E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1934F2-5917-4C15-8869-82C557BF430D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3567D600-C756-4FB5-B4B1-9B014A990A7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3587E5B7-4B66-4DB4-86A3-6E37034747C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5C7D83-EA9E-4E26-910D-8471252723EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BE29EE2D-9EA8-4486-BC3F-B0CCF9C396F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7FDB5E2A-F3BD-4500-922E-A191C45DE93C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2E55F641-AC7F-41AD-BB6A-F69831DAD49E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C46A6C6-292D-4F67-9DF4-DFA01DCEA387"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.3",
"matchCriteriaId": "EB31BE7C-CB6D-447E-AFF8-618998950FC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.10.3",
"matchCriteriaId": "68566BD8-D5DD-4747-9C9A-59154400EBFA"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00004.html",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html",
"source": "product-security@apple.com"
},
{
"url": "http://support.apple.com/kb/HT204941",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT204950",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/75492",
"source": "product-security@apple.com"
},
{
"url": "http://www.securitytracker.com/id/1032754",
"source": "product-security@apple.com"
},
{
"url": "http://www.ubuntu.com/usn/USN-2937-1",
"source": "product-security@apple.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink