Lucene search
Tenable8870.PRMHistorySep 17, 2015 - 12:00 a.m.
Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities
2015-09-1700:00:00
Tenable
www.tenable.com
15
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
The version of Safari installed on the remote host is prior to 6.2.6 / 7.1.6 / 8.0.6 and is affected by the following vulnerabilities :
- Multiple memory corruption issues in WebKit due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to cause a denial of service condition or to execute arbitrary code. (CVE-2015-1152, CVE-2015-1153, and CVE-2015-1154)
- An information disclosure vulnerability in WebKit History exists due to a state management flaw and improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to disclose sensitive information from the file system. (CVE-2015-1155)
- A flaw exists in WebKit Page Loading due to improper handling of rel attributes in anchor elements that allows target objects to get unauthorized access to link objects. A remote attacker can exploit this, via a specially crafted web page, to spoof the user interface. (CVE-2015-1156)
Binary data 8870.prmReferences
Related
nessus
nessus
Mac OS X : Apple Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities
2015-05-08 00:00:00
Apple iTunes < 12.2 Multiple Vulnerabilities (credentialed check)
2015-07-03 00:00:00
Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check)
2015-10-26 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities -01 (May 2015) - Mac OS X
2015-05-11 00:00:00
Fedora Update for webkitgtk FEDORA-2016-9
2016-04-11 00:00:00
Mageia: Security Advisory (MGASA-2016-0120)
2016-03-31 00:00:00
threatpost
threatpost
Apple Fixes WebKit Vulnerabilities in Safari Browser
2015-05-07 10:49:05
securityvulns
securityvulns
Apple Safari / Webkit multiple security vulnerabilities
2015-05-10 00:00:00
APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6
2015-05-10 00:00:00
Apple iOS multiple security vulnerabilities
2015-07-05 00:00:00
kaspersky
kaspersky
KLA10573 Multiple vulnerabilities in Apple Safari
2015-05-07 00:00:00
KLA10620 Multiple vulnerabilities in Apple iTunes
2015-06-30 00:00:00
KLA10669 Multiple vulnerabilities in Apple iTunes
2015-09-16 00:00:00
prion
prion
Memory corruption
2015-05-08 00:59:00
Memory corruption
2015-05-08 00:59:00
Memory corruption
2015-05-08 00:59:00
nvd
nvd
cvelist
cvelist
cve
cve
ubuntucve
ubuntucve
zdi
zdi
Apple Safari file:// Redirection Sandbox Escape Vulnerabliity
2015-05-15 00:00:00
myhack58
myhack58
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2016-03-21 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: webkitgtk-2.4.10-1.fc23
2016-03-22 19:55:11
[SECURITY] Fedora 24 Update: webkitgtk-2.4.10-1.fc24
2016-03-27 00:38:11
[SECURITY] Fedora 23 Update: webkitgtk3-2.4.10-1.fc23
2016-03-21 01:53:49
mageia
mageia
Updated webkit packages fix security vulnerability
2016-03-25 09:38:37
Updated webkit2 packages fix security vulnerability
2016-03-25 09:38:37
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
Related for 8870.PRM