Lucene search

[email protected]CVE-2015-7011

HistoryOct 23, 2015 - 9:59 p.m.

CVE-2015-7011

2015-10-2321:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-7011

webkit

apple safari

itunes

remote code execution

denial of service

memory corruption

application crash

nvd

vulnerability

7.7 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.

CPENameOperatorVersion
apple:safariapple safarile9.0
apple:itunesapple itunesle12.3.0

CPE	Name	Operator	Version
apple:safari	apple safari	le	9.0
apple:itunes	apple itunes	le	12.3.0

References

lists.apple.com/archives/security-announce/2015/Oct/msg00004.html

lists.apple.com/archives/security-announce/2015/Oct/msg00006.html

www.securityfocus.com/bid/77264

www.securitytracker.com/id/1033939

support.apple.com/HT205372

support.apple.com/HT205377

7.7 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

Related for CVE-2015-7011

ubuntucve1 prion1 nessus3 openvas2 securityvulns4 kaspersky1