[SECURITY] Fedora 24 Update: webkitgtk3-2.4.10-1.fc24

2016-03-27T00:38:22

Description

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

Affected Package

OS	OS Version	Package Name	Package Version
Fedora	24	webkitgtk3	2.4.10

{"id": "FEDORA:9981A609AE8A", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 24 Update: webkitgtk3-2.4.10-1.fc24", "description": "WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. ", "published": "2016-03-27T00:38:22", "modified": "2016-03-27T00:38:22", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QLY3S4JQ5ORQS3K7MZFF3JIM7FUCGPX7/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "immutableFields": [], "lastseen": "2020-12-21T08:17:53", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "apple", "idList": ["APPLE:7D9C7B44369268A6612132443552A66B", "APPLE:HT205795"]}, {"type": "chrome", "idList": ["GCSA-1351827519904992397"]}, {"type": "cve", "idList": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1154", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2939-1:3EA17", "DEBIAN:DSA-2939-1:5D129"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-1748"]}, {"type": "fedora", "idList": ["FEDORA:333BF6016168", "FEDORA:3FFBD608DDB3", "FEDORA:568856077DDB", "FEDORA:E319A6098B3F", "FEDORA:EBF24604237F"]}, {"type": "freebsd", "idList": ["1091D2D1-CB2E-11E5-B14B-BCAEC565249C", "64F3872B-E05D-11E3-9DD4-00262D5ED8EE"]}, {"type": "gentoo", "idList": ["GLSA-201408-16"]}, {"type": "kaspersky", "idList": ["KLA10007", "KLA10466", "KLA10573", "KLA10620", "KLA10669", "KLA10685"]}, {"type": "mageia", "idList": ["MGASA-2016-0116", "MGASA-2016-0120"]}, {"type": "myhack58", "idList": ["MYHACK58:62201564175"]}, {"type": "nessus", "idList": ["8263.PASL", "8590.PRM", "8695.PRM", "8696.PRM", "8870.PRM", "8949.PRM", "8950.PRM", "8958.PRM", "8976.PRM", "8977.PRM", "8978.PRM", "8979.PRM", "9028.PRM", "9328.PRM", "9333.PRM", "APPLETV_7_2.NASL", "APPLETV_7_2_1.NASL", "APPLE_IOS_83_CHECK.NBIN", "APPLE_IOS_841_CHECK.NBIN", "APPLE_IOS_84_CHECK.NBIN", "APPLE_IOS_90_CHECK.NBIN", "APPLE_IOS_91_CHECK.NBIN", "DEBIAN_DSA-2939.NASL", "FEDORA_2016-1A7F7FFB58.NASL", "FEDORA_2016-5D6D75DBEA.NASL", "FEDORA_2016-9EC1850FFF.NASL", "FEDORA_2016-A4FCB02D6B.NASL", "FEDORA_2016-D132DBB529.NASL", "FEDORA_2016-FDE7FFCB77.NASL", "FREEBSD_PKG_1091D2D1CB2E11E5B14BBCAEC565249C.NASL", "FREEBSD_PKG_64F3872BE05D11E39DD400262D5ED8EE.NASL", "GENTOO_GLSA-201408-16.NASL", "GOOGLE_CHROME_35_0_1916_114.NASL", "ITUNES_12_2_0.NASL", "ITUNES_12_2_0_BANNER.NASL", "ITUNES_12_3_0.NASL", "ITUNES_12_3_0_BANNER.NASL", "ITUNES_12_3_1.NASL", "ITUNES_12_3_1_BANNER.NASL", "MACOSX_10_10_5.NASL", "MACOSX_10_11.NASL", "MACOSX_GOOGLE_CHROME_35_0_1916_114.NASL", "MACOSX_SAFARI8_0_2.NASL", "MACOSX_SAFARI8_0_4.NASL", "MACOSX_SAFARI8_0_5.NASL", "MACOSX_SAFARI8_0_6.NASL", "MACOSX_SAFARI8_0_7.NASL", "MACOSX_SAFARI8_0_8.NASL", "MACOSX_SAFARI9_0.NASL", "MACOSX_SAFARI9_0_1.NASL", "MACOSX_SECUPD2015-006.NASL", "OPENSUSE-2014-420.NASL", "OPENSUSE-2016-340.NASL", "OPENSUSE-2016-412.NASL", "OPERA_2200.NASL", "UBUNTU_USN-2298-1.NASL", "UBUNTU_USN-2937-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121260", "OPENVAS:1361412562310131278", "OPENVAS:1361412562310131282", "OPENVAS:1361412562310702939", "OPENVAS:1361412562310804616", "OPENVAS:1361412562310804617", "OPENVAS:1361412562310804618", "OPENVAS:1361412562310805467", "OPENVAS:1361412562310805498", "OPENVAS:1361412562310805613", "OPENVAS:1361412562310805675", "OPENVAS:1361412562310805968", "OPENVAS:1361412562310805989", "OPENVAS:1361412562310806063", "OPENVAS:1361412562310806608", "OPENVAS:1361412562310806609", "OPENVAS:1361412562310807720", "OPENVAS:1361412562310807724", "OPENVAS:1361412562310807742", "OPENVAS:1361412562310841913", "OPENVAS:1361412562310842701", "OPENVAS:702939"]}, {"type": "osv", "idList": ["OSV:DSA-2939-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30793", "SECURITYVULNS:DOC:31492", "SECURITYVULNS:DOC:31803", "SECURITYVULNS:DOC:31882", "SECURITYVULNS:DOC:31891", "SECURITYVULNS:DOC:31930", "SECURITYVULNS:DOC:32012", "SECURITYVULNS:DOC:32262", "SECURITYVULNS:DOC:32263", "SECURITYVULNS:DOC:32265", "SECURITYVULNS:DOC:32389", "SECURITYVULNS:DOC:32392", "SECURITYVULNS:DOC:32514", "SECURITYVULNS:DOC:32517", "SECURITYVULNS:DOC:32519", "SECURITYVULNS:DOC:32563", "SECURITYVULNS:DOC:32565", "SECURITYVULNS:DOC:32567", "SECURITYVULNS:VULN:13748", "SECURITYVULNS:VULN:14148", "SECURITYVULNS:VULN:14326", "SECURITYVULNS:VULN:14356", "SECURITYVULNS:VULN:14367", "SECURITYVULNS:VULN:14402", "SECURITYVULNS:VULN:14452", "SECURITYVULNS:VULN:14559", "SECURITYVULNS:VULN:14561", "SECURITYVULNS:VULN:14629", "SECURITYVULNS:VULN:14631", "SECURITYVULNS:VULN:14696", "SECURITYVULNS:VULN:14698", "SECURITYVULNS:VULN:14700"]}, {"type": "threatpost", "idList": ["THREATPOST:91159E4B96B0C8149A93B2FF3CF47C01", "THREATPOST:BE295CCB6FC1FBBC4D99DAD78F09067A"]}, {"type": "ubuntu", "idList": ["USN-2298-1", "USN-2937-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-1748", "UB:CVE-2015-1071", "UB:CVE-2015-1076", "UB:CVE-2015-1081", "UB:CVE-2015-1083", "UB:CVE-2015-1120", "UB:CVE-2015-1122", "UB:CVE-2015-1127", "UB:CVE-2015-1152", "UB:CVE-2015-1153", "UB:CVE-2015-1154", "UB:CVE-2015-1155", "UB:CVE-2015-3658", "UB:CVE-2015-3659", "UB:CVE-2015-3727", "UB:CVE-2015-3731", "UB:CVE-2015-3741", "UB:CVE-2015-3743", "UB:CVE-2015-3745", "UB:CVE-2015-3747", "UB:CVE-2015-3748", "UB:CVE-2015-3749", "UB:CVE-2015-3752", "UB:CVE-2015-5788", "UB:CVE-2015-5794", "UB:CVE-2015-5801", "UB:CVE-2015-5809", "UB:CVE-2015-5822", "UB:CVE-2015-5928"]}, {"type": "zdi", "idList": ["ZDI-15-228", "ZDI-15-281", "ZDI-15-291"]}]}, "score": {"value": 1.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "apple", "idList": ["APPLE:HT205795"]}, {"type": "cve", "idList": ["CVE-2014-1748"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2939-1:5D129"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-1748"]}, {"type": "fedora", "idList": ["FEDORA:E319A6098B3F"]}, {"type": "freebsd", "idList": ["64F3872B-E05D-11E3-9DD4-00262D5ED8EE"]}, {"type": "kaspersky", "idList": ["KLA10669"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/GATHER/SAFARI_FILE_URL_NAVIGATION"]}, {"type": "myhack58", "idList": ["MYHACK58:62201564175"]}, {"type": "nessus", "idList": ["8695.PRM", "FREEBSD_PKG_1091D2D1CB2E11E5B14BBCAEC565249C.NASL", "MACOSX_SAFARI8_0_6.NASL", "UBUNTU_USN-2298-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310131278", "OPENVAS:1361412562310805675", "OPENVAS:1361412562310841913"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32012", "SECURITYVULNS:VULN:14326", "SECURITYVULNS:VULN:14629"]}, {"type": "threatpost", "idList": ["THREATPOST:BE295CCB6FC1FBBC4D99DAD78F09067A"]}, {"type": "ubuntu", "idList": ["USN-2298-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-3743"]}, {"type": "zdi", "idList": ["ZDI-15-228"]}]}, "exploitation": null, "vulnersScore": 1.8}, "_state": {"dependencies": 1659998956, "score": 1659892597}, "_internal": {"score_hash": "b08d47d86de3d2e3771ff17958c64280"}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "24", "arch": "any", "packageName": "webkitgtk3", "packageVersion": "2.4.10", "packageFilename": "UNKNOWN", "operator": "lt"}]}

{"ubuntu": [{"lastseen": "2022-01-04T12:29:18", "description": "A large number of security issues were discovered in the WebKitGTK+ Web and \nJavaScript engines. If a user were tricked into viewing a malicious \nwebsite, a remote attacker could exploit a variety of issues related to web \nbrowser security, including cross-site scripting attacks, denial of service \nattacks, and arbitrary code execution.\n", "cvss3": {}, "published": "2016-03-21T00:00:00", "type": "ubuntu", "title": "WebKitGTK+ vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3659", "CVE-2014-1748", "CVE-2015-3658", "CVE-2015-3743", "CVE-2015-5794", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-5788", "CVE-2015-1127", "CVE-2015-3741", "CVE-2015-5801", "CVE-2015-5822", "CVE-2015-5928", "CVE-2015-1071", "CVE-2015-1122", "CVE-2015-3731", "CVE-2015-3727", "CVE-2015-5809", "CVE-2015-1153", "CVE-2015-3752", "CVE-2015-1155", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3745", "CVE-2015-3749", "CVE-2015-1120"], "modified": "2016-03-21T00:00:00", "id": "USN-2937-1", "href": "https://ubuntu.com/security/notices/USN-2937-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-04T12:49:44", "description": "A type confusion bug was discovered in V8. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthis to cause a denial of service via renderer crash, or execute arbitrary \ncode with the privileges of the sandboxed render process. (CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthis to cause a denial of service via renderer crash, or execute arbitrary \ncode with the privileges of the sandboxed render process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered in \nChromium. If a user were tricked in to opening a specially crafted website, \nan attacker could potentially exploit these to cause a denial of service via \napplication crash or execute arbitrary code with the privileges of the \nuser invoking the program. (CVE-2014-1735, CVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets \nimplementation. If a user were tricked in to opening a specially crafted \nwebsite, an attacker could potentially exploit these to cause a denial of \nservice via application crash or execute arbitrary code with the \nprivileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData \nimplementation. If a user were tricked in to opening a specially crafted \nwebsite, an attacker could potentially exploit these to cause a denial of \nservice via renderer crash or execute arbitrary code with the privileges \nof the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit these to cause a denial of service via renderer crash \nor execute arbitrary code with the privileges of the sandboxed render \nprocess. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit this to cause a denial of service via application \ncrash or execute arbitrary code with the privileges of the user invoking \nthe program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were tricked \nin to opening a specially crafter website, an attacker could potentially \nexploit this to cause a denial of service via application crash. \n(CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in to \nthe parent frame in some circumstances. An attacker could potentially \nexploit this to conduct clickjacking attacks via UI redress. \n(CVE-2014-1748)\n\nAn integer underflow was discovered in Blink. If a user were tricked in to \nopening a specially crafter website, an attacker could potentially exploit \nthis to cause a denial of service via renderer crash or execute arbitrary \ncode with the privileges of the sandboxed render process. (CVE-2014-3152)\n\nA use-after-free was discovered in Chromium. If a use were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthis to cause a denial of service via renderer crash or execute arbitrary \ncode with the privileges of the sandboxed render process. \n(CVE-2014-3154)\n\nA security issue was discovered in the SPDY implementation. An attacker \ncould potentially exploit this to cause a denial of service via \napplication crash or execute arbitrary code with the privileges of the \nuser invoking the program. (CVE-2014-3155)\n\nA heap overflow was discovered in Chromium. If a use were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthis to cause a denial of service via renderer crash or execute arbitrary \ncode with the privileges of the sandboxed render process. (CVE-2014-3157)\n\nIt was discovered that Blink did not enforce security rules for \nsubresource loading in SVG images. If a user opened a site that embedded a \nspecially crafted image, an attacker could exploit this to log page views. \n(CVE-2014-3160)\n\nIt was discovered that the SpeechInput feature in Blink could be activated \nwithout consent or any visible indication. If a user were tricked in to \nopening a specially crafted website, an attacker could exploit this to \neavesdrop on the user. (CVE-2014-3803)\n", "cvss3": {}, "published": "2014-07-23T00:00:00", "type": "ubuntu", "title": "Oxide vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3803", "CVE-2014-1741", "CVE-2014-3154", "CVE-2014-1748", "CVE-2014-3162", "CVE-2014-1735", "CVE-2014-1740", "CVE-2014-1730", "CVE-2014-1742", "CVE-2014-1744", "CVE-2014-3152", "CVE-2014-3155", "CVE-2014-3157", "CVE-2014-1731", "CVE-2014-3160", "CVE-2014-1746", "CVE-2014-1743"], "modified": "2014-07-23T00:00:00", "id": "USN-2298-1", "href": "https://ubuntu.com/security/notices/USN-2298-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}], "nessus": [{"lastseen": "2021-08-19T12:42:26", "description": "This update for webkitgtk fixes the following issues :\n\n - webkitgtk was updated to version 2.4.10 (boo#971460) :\n\n + Fix rendering of form controls and scrollbars with GTK+ >= 3.19.\n\n + Fix crashes on PPC64.\n\n + Fix the build on powerpc 32 bits.\n\n + Add ARM64 build support.\n\n + Security fixes: CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081, CVE-2015-1122, CVE-2015-1155, CVE-2014-1748, CVE-2015-3752, CVE-2015-5809, CVE-2015-5928, CVE-2015-3749, CVE-2015-3659, CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745, CVE-2015-5822, CVE-2015-3658, CVE-2015-3741, CVE-2015-3727, CVE-2015-5801, CVE-2015-5788, CVE-2015-3747, CVE-2015-5794, CVE-2015-1127, CVE-2015-1153, CVE-2015-1083.\n\n + Updated translations.", "cvss3": {"score": null, "vector": null}, "published": "2016-04-01T00:00:00", "type": "nessus", "title": "openSUSE Security Update : webkitgtk (openSUSE-2016-412)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0", "p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-32bit", "p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-debuginfo", "p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0", "p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-32bit", "p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-debuginfo", "p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwebkitgtk-devel", "p-cpe:/a:novell:opensuse:libwebkitgtk2-lang", "p-cpe:/a:novell:opensuse:libwebkitgtk3-devel", "p-cpe:/a:novell:opensuse:libwebkitgtk3-lang", "p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-1_0", "p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-3_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit-1_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit-3_0", "p-cpe:/a:novell:opensuse:webkit-jsc-1", "p-cpe:/a:novell:opensuse:webkit-jsc-1-debuginfo", "p-cpe:/a:novell:opensuse:webkit-jsc-3", "p-cpe:/a:novell:opensuse:webkit-jsc-3-debuginfo", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-412.NASL", "href": "https://www.tenable.com/plugins/nessus/90259", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-412.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90259);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n\n script_name(english:\"openSUSE Security Update : webkitgtk (openSUSE-2016-412)\");\n script_summary(english:\"Check for the openSUSE-2016-412 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for webkitgtk fixes the following issues :\n\n - webkitgtk was updated to version 2.4.10 (boo#971460) :\n\n + Fix rendering of form controls and scrollbars with GTK+\n >= 3.19.\n\n + Fix crashes on PPC64.\n\n + Fix the build on powerpc 32 bits.\n\n + Add ARM64 build support.\n\n + Security fixes: CVE-2015-1120, CVE-2015-1076,\n CVE-2015-1071, CVE-2015-1081, CVE-2015-1122,\n CVE-2015-1155, CVE-2014-1748, CVE-2015-3752,\n CVE-2015-5809, CVE-2015-5928, CVE-2015-3749,\n CVE-2015-3659, CVE-2015-3748, CVE-2015-3743,\n CVE-2015-3731, CVE-2015-3745, CVE-2015-5822,\n CVE-2015-3658, CVE-2015-3741, CVE-2015-3727,\n CVE-2015-5801, CVE-2015-5788, CVE-2015-3747,\n CVE-2015-5794, CVE-2015-1127, CVE-2015-1153,\n CVE-2015-1083.\n\n + Updated translations.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=971460\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkitgtk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-1_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-3_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-1_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-3_0-0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk2-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkitgtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit-3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libjavascriptcoregtk-1_0-0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libjavascriptcoregtk-1_0-0-debuginfo-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libjavascriptcoregtk-3_0-0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libjavascriptcoregtk-3_0-0-debuginfo-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk-1_0-0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk-1_0-0-debuginfo-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk-3_0-0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk-3_0-0-debuginfo-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk-devel-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk2-lang-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk3-devel-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libwebkitgtk3-lang-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"typelib-1_0-JavaScriptCore-1_0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"typelib-1_0-JavaScriptCore-3_0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"typelib-1_0-WebKit-1_0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"typelib-1_0-WebKit-3_0-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"webkit-jsc-1-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"webkit-jsc-1-debuginfo-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"webkit-jsc-3-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"webkit-jsc-3-debuginfo-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-1_0-0-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-1_0-0-debuginfo-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-3_0-0-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-3_0-0-debuginfo-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwebkitgtk-1_0-0-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwebkitgtk-1_0-0-debuginfo-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwebkitgtk-3_0-0-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libwebkitgtk-3_0-0-debuginfo-32bit-2.4.10-13.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libjavascriptcoregtk-1_0-0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libjavascriptcoregtk-1_0-0-debuginfo-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libjavascriptcoregtk-3_0-0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libjavascriptcoregtk-3_0-0-debuginfo-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk-1_0-0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk-1_0-0-debuginfo-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk-3_0-0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk-3_0-0-debuginfo-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk-devel-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk2-lang-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk3-devel-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkitgtk3-lang-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"typelib-1_0-JavaScriptCore-1_0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"typelib-1_0-JavaScriptCore-3_0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"typelib-1_0-WebKit-1_0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"typelib-1_0-WebKit-3_0-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit-jsc-1-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit-jsc-1-debuginfo-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit-jsc-3-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit-jsc-3-debuginfo-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-1_0-0-32bit-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-1_0-0-debuginfo-32bit-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-3_0-0-32bit-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-3_0-0-debuginfo-32bit-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libwebkitgtk-1_0-0-32bit-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libwebkitgtk-1_0-0-debuginfo-32bit-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libwebkitgtk-3_0-0-32bit-2.4.10-7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libwebkitgtk-3_0-0-debuginfo-32bit-2.4.10-7.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-1_0-0 / libjavascriptcoregtk-1_0-0-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:30", "description": "This update addresses the following vulnerabilities: * [CVE-2015-1120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1120) * [CVE-2015-1076](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1076) * [CVE-2015-1071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1071) * [CVE-2015-1081](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1081) * [CVE-2015-1122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1122) * [CVE-2015-1155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1155) * [CVE-2014-1748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 4-1748) * [CVE-2015-3752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3752) * [CVE-2015-5809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-5809) * [CVE-2015-5928](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-5928) * [CVE-2015-3749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3749) * [CVE-2015-3659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3659) * [CVE-2015-3748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3748) * [CVE-2015-3743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3743) * [CVE-2015-3731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3731) * [CVE-2015-3745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3745) * [CVE-2015-5822](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-5822) * [CVE-2015-3658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3658) * [CVE-2015-3741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3741) * [CVE-2015-3727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3727) * [CVE-2015-5801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-5801) * [CVE-2015-5788](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-5788) * [CVE-2015-3747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-3747) * [CVE-2015-5794](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-5794) * [CVE-2015-1127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1127) * [CVE-2015-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1153) * [CVE-2015-1083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 5-1083) Additional fixes: * Fix crashes on PowerPC 64. * Fix the build on PowerPC 32.\n\n - Add ARM64 build support. Translation updates * German * Spanish * French\n\n - Italian * Korean * Brazilian Portuguese * Russian * Chinese.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-04-01T00:00:00", "type": "nessus", "title": "Fedora 22 : webkitgtk-2.4.10-1.fc22 (2016-9ec1850fff)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkitgtk", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-9EC1850FFF.NASL", "href": "https://www.tenable.com/plugins/nessus/90283", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-9ec1850fff.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90283);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_xref(name:\"FEDORA\", value:\"2016-9ec1850fff\");\n\n script_name(english:\"Fedora 22 : webkitgtk-2.4.10-1.fc22 (2016-9ec1850fff)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following vulnerabilities: *\n[CVE-2015-1120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1120) *\n[CVE-2015-1076](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1076) *\n[CVE-2015-1071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1071) *\n[CVE-2015-1081](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1081) *\n[CVE-2015-1122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1122) *\n[CVE-2015-1155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1155) *\n[CVE-2014-1748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n4-1748) *\n[CVE-2015-3752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3752) *\n[CVE-2015-5809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-5809) *\n[CVE-2015-5928](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-5928) *\n[CVE-2015-3749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3749) *\n[CVE-2015-3659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3659) *\n[CVE-2015-3748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3748) *\n[CVE-2015-3743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3743) *\n[CVE-2015-3731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3731) *\n[CVE-2015-3745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3745) *\n[CVE-2015-5822](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-5822) *\n[CVE-2015-3658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3658) *\n[CVE-2015-3741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3741) *\n[CVE-2015-3727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3727) *\n[CVE-2015-5801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-5801) *\n[CVE-2015-5788](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-5788) *\n[CVE-2015-3747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-3747) *\n[CVE-2015-5794](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-5794) *\n[CVE-2015-1127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1127) *\n[CVE-2015-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1153) *\n[CVE-2015-1083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201\n5-1083) Additional fixes: * Fix crashes on PowerPC 64. * Fix the build\non PowerPC 32.\n\n - Add ARM64 build support. Translation updates * German *\n Spanish * French\n\n - Italian * Korean * Brazilian Portuguese * Russian *\n Chinese.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/180485.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18d1a2f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkitgtk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkitgtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"webkitgtk-2.4.10-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:29", "description": "This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-21T00:00:00", "type": "nessus", "title": "Fedora 23 : webkitgtk3-2.4.10-1.fc23 (2016-1a7f7ffb58)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkitgtk3", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-1A7F7FFB58.NASL", "href": "https://www.tenable.com/plugins/nessus/90035", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-1a7f7ffb58.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90035);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_xref(name:\"FEDORA\", value:\"2016-1a7f7ffb58\");\n\n script_name(english:\"Fedora 23 : webkitgtk3-2.4.10-1.fc23 (2016-1a7f7ffb58)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179133.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?abc24d78\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkitgtk3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkitgtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"webkitgtk3-2.4.10-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk3\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:32", "description": "A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-22T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 15.10 : webkitgtk vulnerabilities (USN-2937-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-1.0-0", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-3.0-0", "p-cpe:/a:canonical:ubuntu_linux:libwebkitgtk-1.0-0", "p-cpe:/a:canonical:ubuntu_linux:libwebkitgtk-3.0-0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2937-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90094", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2937-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90094);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2019/09/18 12:31:45\");\n\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_xref(name:\"USN\", value:\"2937-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 15.10 : webkitgtk vulnerabilities (USN-2937-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A large number of security issues were discovered in the WebKitGTK+\nWeb and JavaScript engines. If a user were tricked into viewing a\nmalicious website, a remote attacker could exploit a variety of issues\nrelated to web browser security, including cross-site scripting\nattacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2937-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-1.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-3.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkitgtk-1.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkitgtk-3.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libjavascriptcoregtk-1.0-0\", pkgver:\"2.4.10-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libjavascriptcoregtk-3.0-0\", pkgver:\"2.4.10-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libwebkitgtk-1.0-0\", pkgver:\"2.4.10-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libwebkitgtk-3.0-0\", pkgver:\"2.4.10-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libjavascriptcoregtk-1.0-0\", pkgver:\"2.4.10-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libjavascriptcoregtk-3.0-0\", pkgver:\"2.4.10-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libwebkitgtk-1.0-0\", pkgver:\"2.4.10-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libwebkitgtk-3.0-0\", pkgver:\"2.4.10-0ubuntu0.15.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-1.0-0 / libjavascriptcoregtk-3.0-0 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:25", "description": "This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-23T00:00:00", "type": "nessus", "title": "Fedora 23 : webkitgtk-2.4.10-1.fc23 (2016-5d6d75dbea)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkitgtk", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-5D6D75DBEA.NASL", "href": "https://www.tenable.com/plugins/nessus/90104", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-5d6d75dbea.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90104);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_xref(name:\"FEDORA\", value:\"2016-5d6d75dbea\");\n\n script_name(english:\"Fedora 23 : webkitgtk-2.4.10-1.fc23 (2016-5d6d75dbea)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179225.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0136964c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkitgtk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkitgtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"webkitgtk-2.4.10-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:35", "description": "This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-28T00:00:00", "type": "nessus", "title": "Fedora 24 : webkitgtk3-2.4.10-1.fc24 (2016-fde7ffcb77)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkitgtk3", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-FDE7FFCB77.NASL", "href": "https://www.tenable.com/plugins/nessus/90232", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-fde7ffcb77.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90232);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_xref(name:\"FEDORA\", value:\"2016-fde7ffcb77\");\n\n script_name(english:\"Fedora 24 : webkitgtk3-2.4.10-1.fc24 (2016-fde7ffcb77)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179773.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d98b6a55\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkitgtk3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkitgtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"webkitgtk3-2.4.10-1.fc24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk3\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:32", "description": "This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-28T00:00:00", "type": "nessus", "title": "Fedora 24 : webkitgtk-2.4.10-1.fc24 (2016-a4fcb02d6b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkitgtk", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-A4FCB02D6B.NASL", "href": "https://www.tenable.com/plugins/nessus/90220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-a4fcb02d6b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90220);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_xref(name:\"FEDORA\", value:\"2016-a4fcb02d6b\");\n\n script_name(english:\"Fedora 24 : webkitgtk-2.4.10-1.fc24 (2016-a4fcb02d6b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following vulnerabilities :\n\n - CVE-2015-1120\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120)\n\n - CVE-2015-1076\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076)\n\n - CVE-2015-1071\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071)\n\n - CVE-2015-1081\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081)\n\n - CVE-2015-1122\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122)\n\n - CVE-2015-1155\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155)\n\n - CVE-2014-1748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748)\n\n - CVE-2015-3752\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752)\n\n - CVE-2015-5809\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809)\n\n - CVE-2015-5928\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928)\n\n - CVE-2015-3749\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749)\n\n - CVE-2015-3659\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659)\n\n - CVE-2015-3748\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748)\n\n - CVE-2015-3743\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743)\n\n - CVE-2015-3731\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731)\n\n - CVE-2015-3745\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745)\n\n - CVE-2015-5822\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822)\n\n - CVE-2015-3658\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658)\n\n - CVE-2015-3741\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741)\n\n - CVE-2015-3727\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727)\n\n - CVE-2015-5801\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801)\n\n - CVE-2015-5788\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788)\n\n - CVE-2015-3747\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747)\n\n - CVE-2015-5794\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794)\n\n - CVE-2015-1127\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127)\n\n - CVE-2015-1153\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153)\n\n - CVE-2015-1083\n\n(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179772.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6fc0f2fa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkitgtk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkitgtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"webkitgtk-2.4.10-1.fc24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:45:19", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.7 / 7.1.7 / 8.0.7. It is, therefore, affected by the following vulnerabilities :\n\n - A flaw exists in WebKit Page Loading due to the Origin request header being preserved for cross-origin redirects. A remote attacker can exploit this, via a specially crafted web page, to circumvent cross-site request forgery (XSRF) protections. (CVE-2015-3658)\n\n - A flaw exists in the WebKit Storage's SQLite authorizer due to insufficient comparison. A remote attacker can exploit this, via a specially crafted web page, to invoke arbitrary SQL functions, resulting in a denial of service condition or executing arbitrary code.\n (CVE-2015-3659)\n\n - An information disclosure vulnerability exists in WebKit PDF due to improper restrictions, related to JavaScript execution, of links embedded in PDF files. A remote attacker can exploit this, via a specially crafted PDF file, to disclose sensitive information from the file system, including cookies. (CVE-2015-3660)\n\n - An information disclosure vulnerability exists in WebKit due to improper restrictions on renaming WebSQL tables.\n A remote attacker can exploit this, via a specially crafted website, to access WebSQL databases belonging to other websites. (CVE-2015-3727)", "cvss3": {"score": null, "vector": null}, "published": "2015-07-01T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 6.2.7 / 7.1.7 / 8.0.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3660", "CVE-2015-3727"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI8_0_7.NASL", "href": "https://www.tenable.com/plugins/nessus/84491", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84491);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2015-3658\",\n \"CVE-2015-3659\",\n \"CVE-2015-3660\",\n \"CVE-2015-3727\"\n );\n\n script_name(english:\"Mac OS X : Apple Safari < 6.2.7 / 7.1.7 / 8.0.7 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The web browser installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 6.2.7 / 7.1.7 / 8.0.7. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A flaw exists in WebKit Page Loading due to the Origin\n request header being preserved for cross-origin\n redirects. A remote attacker can exploit this, via a\n specially crafted web page, to circumvent cross-site\n request forgery (XSRF) protections. (CVE-2015-3658)\n\n - A flaw exists in the WebKit Storage's SQLite authorizer\n due to insufficient comparison. A remote attacker can\n exploit this, via a specially crafted web page, to\n invoke arbitrary SQL functions, resulting in a denial\n of service condition or executing arbitrary code.\n (CVE-2015-3659)\n\n - An information disclosure vulnerability exists in WebKit\n PDF due to improper restrictions, related to JavaScript\n execution, of links embedded in PDF files. A remote\n attacker can exploit this, via a specially crafted PDF\n file, to disclose sensitive information from the file\n system, including cookies. (CVE-2015-3660)\n\n - An information disclosure vulnerability exists in WebKit\n due to improper restrictions on renaming WebSQL tables.\n A remote attacker can exploit this, via a specially\n crafted website, to access WebSQL databases belonging to\n other websites. (CVE-2015-3727)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204950\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari 6.2.7 / 7.1.7 / 8.0.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3727\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.([89]|10)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8 / 10.9 / 10.10\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\nfixed_version = NULL;\n\nif (\"10.8\" >< os)\n fixed_version = \"6.2.7\";\nelse if (\"10.9\" >< os)\n fixed_version = \"7.1.7\";\nelse\n fixed_version = \"8.0.7\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n set_kb_item(name:'www/0/XSRF', value:TRUE);\n if (report_verbosity > 0)\n {\n\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:23", "description": "Versions of Safari prior to 6.2.7 / 7.1.7 / 8.0.7 are reportedly affected by the following vulnerabilities :\n\n - A flaw exists in WebKit Page Loading due to the Origin request header being preserved for cross-origin redirects. A remote attacker can exploit this, via a specially crafted web page, to circumvent cross-site request forgery (XSRF) protections. (CVE-2015-3658)\n - A flaw exists in the WebKit Storage's SQLite authorizer due to insufficient comparison. A remote attacker can exploit this, via a specially crafted web page, to invoke arbitrary SQL functions, resulting in a denial of service condition or executing arbitrary code. (CVE-2015-3659)\n - An information disclosure vulnerability exists in WebKit PDF due to improper restrictions, related to JavaScript execution, of links embedded in PDF files. A remote attacker can exploit this, via a specially crafted PDF file, to disclose sensitive information from the file system, including cookies. (CVE-2015-3660)\n - An information disclosure vulnerability exists in WebKit due to improper restrictions on renaming WebSQL tables. A remote attacker can exploit this, via a specially crafted website, to access WebSQL databases belonging to other websites. (CVE-2015-3727)\n ", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-10-01T00:00:00", "type": "nessus", "title": "Safari < 6.2.7 / 7.1.7 / 8.0.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3660"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8950.PRM", "href": "https://www.tenable.com/plugins/nnm/8950", "sourceData": "Binary data 8950.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:44:47", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.8 / 7.1.8 / 8.0.8. It is, therefore, affected by the following vulnerabilities :\n\n - An unspecified flaw exists that allows an attacker to spoof UI elements by using crafted web pages.\n (CVE-2015-3729)\n\n - Multiple memory corruption flaws exist in WebKit due to improper validation of user-supplied input. An attacker can exploit these, by using a crafted web page, to execute arbitrary code. (CVE-2015-3730, CVE-2015-3731 CVE-2015-3732, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749)\n\n - A security policy bypass vulnerability exists in WebKit related to handling Content Security Policy report requests. An attacker can exploit this to bypass the HTTP Strict Transport Security policy. (CVE-2015-3750)\n\n - A security policy bypass vulnerability exists in WebKit that allows websites to use video controls to load images nested in object elements in violation of Content Security Policy directives. (CVE-2015-3751)\n\n - An information disclosure vulnerability exists in WebKit related to how cookies are added to Content Security Policy report requests, which results in cookies being exposed to cross-origin requests. Also, cookies set during regular browsing are sent during private browsing. (CVE-2015-3752)\n\n - An information disclosure vulnerability exists in the WebKit Canvas component when images are called using URLs that redirect to a data:image resource. An attacker, using a malicious website, can exploit this to disclose image data cross-origin. (CVE-2015-3753)\n\n - An information disclosure vulnerability exists in WebKit page loading where the caching of HTTP authentication credentials entered in private browsing mode were carried over into regular browsing, resulting in a user's private browsing history being exposed. (CVE-2015-3754)\n\n - A flaw in the WebKit process model allows a malicious website to display an arbitrary URL, which can allow user interface spoofing. (CVE-2015-3755)", "cvss3": {"score": null, "vector": null}, "published": "2015-08-17T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 6.2.8 / 7.1.8 / 8.0.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3729", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3752", "CVE-2015-3753", "CVE-2015-3754", "CVE-2015-3755"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI8_0_8.NASL", "href": "https://www.tenable.com/plugins/nessus/85446", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85446);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2015-3729\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3732\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-3750\",\n \"CVE-2015-3751\",\n \"CVE-2015-3752\",\n \"CVE-2015-3753\",\n \"CVE-2015-3754\",\n \"CVE-2015-3755\"\n );\n script_bugtraq_id(\n 76338,\n 76339,\n 76341,\n 76342,\n 76344\n );\n\n script_name(english:\"Mac OS X : Apple Safari < 6.2.8 / 7.1.8 / 8.0.8 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The web browser installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 6.2.8 / 7.1.8 / 8.0.8. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - An unspecified flaw exists that allows an attacker to\n spoof UI elements by using crafted web pages.\n (CVE-2015-3729)\n\n - Multiple memory corruption flaws exist in WebKit due\n to improper validation of user-supplied input. An\n attacker can exploit these, by using a crafted web page,\n to execute arbitrary code. (CVE-2015-3730, CVE-2015-3731\n CVE-2015-3732, CVE-2015-3733, CVE-2015-3734,\n CVE-2015-3735, CVE-2015-3736, CVE-2015-3737,\n CVE-2015-3738, CVE-2015-3739, CVE-2015-3740,\n CVE-2015-3741, CVE-2015-3742, CVE-2015-3743,\n CVE-2015-3744, CVE-2015-3745, CVE-2015-3746,\n CVE-2015-3747, CVE-2015-3748, CVE-2015-3749)\n\n - A security policy bypass vulnerability exists in WebKit\n related to handling Content Security Policy report\n requests. An attacker can exploit this to bypass the\n HTTP Strict Transport Security policy. (CVE-2015-3750)\n\n - A security policy bypass vulnerability exists in WebKit\n that allows websites to use video controls to load\n images nested in object elements in violation of Content\n Security Policy directives. (CVE-2015-3751)\n\n - An information disclosure vulnerability exists in WebKit\n related to how cookies are added to Content Security\n Policy report requests, which results in cookies being\n exposed to cross-origin requests. Also, cookies set\n during regular browsing are sent during private\n browsing. (CVE-2015-3752)\n\n - An information disclosure vulnerability exists in the\n WebKit Canvas component when images are called using\n URLs that redirect to a data:image resource. An\n attacker, using a malicious website, can exploit this to\n disclose image data cross-origin. (CVE-2015-3753)\n\n - An information disclosure vulnerability exists in WebKit\n page loading where the caching of HTTP authentication\n credentials entered in private browsing mode were carried\n over into regular browsing, resulting in a user's private\n browsing history being exposed. (CVE-2015-3754)\n\n - A flaw in the WebKit process model allows a malicious\n website to display an arbitrary URL, which can allow\n user interface spoofing. (CVE-2015-3755)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205033\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari 6.2.8 / 7.1.8 / 8.0.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.([89]|10)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8 / 10.9 / 10.10\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\nfixed_version = NULL;\n\nif (\"10.8\" >< os)\n fixed_version = \"6.2.8\";\nelse if (\"10.9\" >< os)\n fixed_version = \"7.1.8\";\nelse\n fixed_version = \"8.0.8\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:22", "description": "Versions of Safari prior to 6.2.8 / 7.1.8 / 8.0.8 are reportedly affected by the following vulnerabilities :\n\n - An unspecified flaw exists that allows an attacker to spoof UI elements by using crafted web pages. (CVE-2015-3729)\n - Multiple memory corruption flaws exist in WebKit due to improper validation of user-supplied input. An attacker can exploit these, by using a crafted web page, to execute arbitrary code. (CVE-2015-3730, CVE-2015-3731, CVE-2015-3732, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749)\n - A security policy bypass vulnerability exists in WebKit related to handling Content Security Policy report requests. An attacker can exploit this to bypass the HTTP Strict Transport Security policy. (CVE-2015-3750)\n - A security policy bypass vulnerability exists in WebKit that allows websites to use video controls to load images nested in object elements in violation of Content Security Policy directives. (CVE-2015-3751)\n - An information disclosure vulnerability exists in WebKit related to how cookies are added to Content Security Policy report requests, which results in cookies being exposed to cross-origin requests. Also, cookies set during regular browsing are sent during private browsing. (CVE-2015-3752)\n - An information disclosure vulnerability exists in the WebKit Canvas component when images are called using URLs that redirect to a data:image resource. An attacker, using a malicious website, can exploit this to disclose image data cross-origin. (CVE-2015-3753)\n - An information disclosure vulnerability exists in WebKit page loading where the caching of HTTP authentication credentials entered in private browsing mode were carried over into regular browsing, resulting in a user's private browsing history being exposed. (CVE-2015-3754)\n - A flaw in the WebKit process model allows a malicious website to display an arbitrary URL, which can allow user interface spoofing. (CVE-2015-3755)", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"}, "published": "2015-10-01T00:00:00", "type": "nessus", "title": "Safari < 6.2.8 / 7.1.8 / 8.0.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-3730", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3742", "CVE-2015-3744", "CVE-2015-3746", "CVE-2015-3753", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3755", "CVE-2015-3729", "CVE-2015-3754"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8949.PRM", "href": "https://www.tenable.com/plugins/nnm/8949", "sourceData": "Binary data 8949.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:13", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.6 / 7.1.6 / 8.0.6. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple memory corruption issues in WebKit due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to cause a denial of service condition or to execute arbitrary code. (CVE-2015-1152, CVE-2015-1153, and CVE-2015-1154)\n\n - An information disclosure vulnerability in WebKit History exists due to a state management flaw and improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to disclose sensitive information from the file system. (CVE-2015-1155) \n - A flaw exists in WebKit Page Loading due to improper handling of rel attributes in anchor elements that allows target objects to get unauthorized access to link objects. A remote attacker can exploit this, via a specially crafted web page, to spoof the user interface.\n (CVE-2015-1156)", "cvss3": {"score": null, "vector": null}, "published": "2015-05-08T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1154", "CVE-2015-1155", "CVE-2015-1156"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI8_0_6.NASL", "href": "https://www.tenable.com/plugins/nessus/83291", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83291);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1154\",\n \"CVE-2015-1155\",\n \"CVE-2015-1156\"\n );\n script_bugtraq_id(\n 74523,\n 74524,\n 74525,\n 74526,\n 74527\n );\n\n script_name(english:\"Mac OS X : Apple Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web browser installed that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 6.2.6 / 7.1.6 / 8.0.6. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - Multiple memory corruption issues in WebKit due to\n improper validation of user-supplied input. A remote\n attacker can exploit this, via a specially crafted\n web page, to cause a denial of service condition or to\n execute arbitrary code. (CVE-2015-1152, CVE-2015-1153,\n and CVE-2015-1154)\n\n - An information disclosure vulnerability in WebKit\n History exists due to a state management flaw and\n improper validation of user-supplied input. A remote\n attacker can exploit this, via a specially crafted web\n page, to disclose sensitive information from the file\n system. (CVE-2015-1155)\n \n - A flaw exists in WebKit Page Loading due to improper\n handling of rel attributes in anchor elements that\n allows target objects to get unauthorized access to link\n objects. A remote attacker can exploit this, via a\n specially crafted web page, to spoof the user interface.\n (CVE-2015-1156)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204826\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari 6.2.6 / 7.1.6 / 8.0.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1154\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.([89]|10)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8 / 10.9 / 10.10\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nif (\"10.8\" >< os)\n fixed_version = \"6.2.6\";\nelse if (\"10.9\" >< os)\n fixed_version = \"7.1.6\";\nelse\n fixed_version = \"8.0.6\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:22", "description": "The version of Safari installed on the remote host is prior to 6.2.6 / 7.1.6 / 8.0.6 and is affected by the following vulnerabilities :\n\n - Multiple memory corruption issues in WebKit due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to cause a denial of service condition or to execute arbitrary code. (CVE-2015-1152, CVE-2015-1153, and CVE-2015-1154)\n - An information disclosure vulnerability in WebKit History exists due to a state management flaw and improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to disclose sensitive information from the file system. (CVE-2015-1155)\n - A flaw exists in WebKit Page Loading due to improper handling of rel attributes in anchor elements that allows target objects to get unauthorized access to link objects. A remote attacker can exploit this, via a specially crafted web page, to spoof the user interface. (CVE-2015-1156)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2015-09-17T00:00:00", "type": "nessus", "title": "Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1153", "CVE-2015-1155", "CVE-2015-1152", "CVE-2015-1154", "CVE-2015-1156"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8870.PRM", "href": "https://www.tenable.com/plugins/nnm/8870", "sourceData": "Binary data 8870.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:46:08", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.5 / 7.1.5 / 8.0.5. It is, therefore, affected by the following vulnerabilities :\n\n - A flaw exists in the state management which can result in the user's browser history not being fully purged from 'history.plist'. (CVE-2015-1112)\n\n - Multiple memory corruption vulnerabilities exist in WebKit due to improperly validated user-supplied input.\n A remote attacker, using a specially crafted website, can exploit these issues to execute arbitrary code.\n (CVE-2015-1119, CVE-2015-1120, CVE-2015-1121, CVE-2015-1122, CVE-2015-1124)\n\n - A flaw exists in Webkit when handling credentials for FTP URLs. A remote attacker, using a specially crafted website, can cause the resources of another origin to be accessed. (CVE-2015-1126)\n\n - A flaw exists in the state management which can cause a user's browsing history to be indexed while in private mode. An attacker can use this to gain information on the sites that were visited. (CVE-2015-1127)\n\n - A flaw exists with push notification requests while in private browsing mode that can reveal a user's browsing history when responding to notifications.\n (CVE-2015-1128)\n\n - A flaw in client certificate matching allows a remote attacker, using a specially crafted website, to track a user's web traffic. (CVE-2015-1129)", "cvss3": {"score": null, "vector": null}, "published": "2015-04-10T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 6.2.5 / 7.1.5 / 8.0.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1112", "CVE-2015-1119", "CVE-2015-1120", "CVE-2015-1121", "CVE-2015-1122", "CVE-2015-1124", "CVE-2015-1126", "CVE-2015-1127", "CVE-2015-1128", "CVE-2015-1129"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI8_0_5.NASL", "href": "https://www.tenable.com/plugins/nessus/82711", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82711);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2015-1112\",\n \"CVE-2015-1119\",\n \"CVE-2015-1120\",\n \"CVE-2015-1121\",\n \"CVE-2015-1122\",\n \"CVE-2015-1124\",\n \"CVE-2015-1126\",\n \"CVE-2015-1127\",\n \"CVE-2015-1128\",\n \"CVE-2015-1129\"\n );\n script_bugtraq_id(\n 73972,\n 73973,\n 73974,\n 73975,\n 73976,\n 73977\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-04-08-1\");\n\n script_name(english:\"Mac OS X : Apple Safari < 6.2.5 / 7.1.5 / 8.0.5 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 6.2.5 / 7.1.5 / 8.0.5. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A flaw exists in the state management which can result\n in the user's browser history not being fully purged\n from 'history.plist'. (CVE-2015-1112)\n\n - Multiple memory corruption vulnerabilities exist in\n WebKit due to improperly validated user-supplied input.\n A remote attacker, using a specially crafted website,\n can exploit these issues to execute arbitrary code.\n (CVE-2015-1119, CVE-2015-1120, CVE-2015-1121,\n CVE-2015-1122, CVE-2015-1124)\n\n - A flaw exists in Webkit when handling credentials for\n FTP URLs. A remote attacker, using a specially crafted\n website, can cause the resources of another origin to\n be accessed. (CVE-2015-1126)\n\n - A flaw exists in the state management which can cause a\n user's browsing history to be indexed while in private\n mode. An attacker can use this to gain information on\n the sites that were visited. (CVE-2015-1127)\n\n - A flaw exists with push notification requests while in\n private browsing mode that can reveal a user's browsing\n history when responding to notifications.\n (CVE-2015-1128)\n\n - A flaw in client certificate matching allows a remote\n attacker, using a specially crafted website, to track a\n user's web traffic. (CVE-2015-1129)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204658\");\n # http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?792fcba9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari 6.2.5 / 7.1.5 / 8.0.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1124\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.([89]|10)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8 / 10.9 / 10.10\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nif (\"10.8\" >< os)\n fixed_version = \"6.2.5\";\nelse if (\"10.9\" >< os)\n fixed_version = \"7.1.5\";\nelse\n fixed_version = \"8.0.5\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:00", "description": "The version of Safari installed on the remote host is prior to 6.2.5 / 7.1.5 / 8.0.5 and is affected by the following vulnerabilities :\n\n - A flaw exists in the state management which can result in the user's browser history not being fully purged from 'history.plist'. (CVE-2015-1112)\n - Multiple memory corruption vulnerabilities exist in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted website, can exploit these issues to execute arbitrary code. (CVE-2015-1119, CVE-2015-1120, CVE-2015-1121, CVE-2015-1122, CVE-2015-1124)\n - A flaw exists in Webkit when handling credentials for FTP URLs. A remote attacker, using a specially crafted website, can cause the resources of another origin to be accessed. (CVE-2015-1126)\n - A flaw exists in the state management which can cause a user's browsing history to be indexed while in private mode. An attacker can use this to gain information on the sites that were visited. (CVE-2015-1127)\n - A flaw exists with push notification requests while in private browsing mode that can reveal a user's browsing history when responding to notifications.(CVE-2015-1128)\n - A flaw in client certificate matching allows a remote attacker, using a specially crafted website, to track a user's web traffic.(CVE-2015-1129)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-04-17T00:00:00", "type": "nessus", "title": "Safari < 6.2.5 / 7.1.5 / 8.0.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1129", "CVE-2015-1126", "CVE-2015-1128", "CVE-2015-1119", "CVE-2015-1121", "CVE-2015-1124", "CVE-2015-1112"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8696.PRM", "href": "https://www.tenable.com/plugins/nnm/8696", "sourceData": "Binary data 8696.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:43:32", "description": "webkit reports :\n\nThe ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.", "cvss3": {"score": null, "vector": null}, "published": "2016-02-05T00:00:00", "type": "nessus", "title": "FreeBSD : webkit -- UI spoof (1091d2d1-cb2e-11e5-b14b-bcaec565249c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:webkit-gtk2", "p-cpe:/a:freebsd:freebsd:webkit-gtk3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1091D2D1CB2E11E5B14BBCAEC565249C.NASL", "href": "https://www.tenable.com/plugins/nessus/88583", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88583);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-1748\");\n\n script_name(english:\"FreeBSD : webkit -- UI spoof (1091d2d1-cb2e-11e5-b14b-bcaec565249c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"webkit reports :\n\nThe ScrollView::paint function in platform/scroll/ScrollView.cpp in\nBlink, as used in Google Chrome before 35.0.1916.114, allows remote\nattackers to spoof the UI by extending scrollbar painting into the\nparent frame.\"\n );\n # http://webkitgtk.org/security/WSA-2015-0002.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2015-0002.html\"\n );\n # https://vuxml.freebsd.org/freebsd/1091d2d1-cb2e-11e5-b14b-bcaec565249c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d372340\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:webkit-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:webkit-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"webkit-gtk2<2.4.9_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"webkit-gtk3<2.4.9_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-09T16:10:06", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.4 / 7.1.4 / 8.0.4. It is, therefore, affected by multiple memory corruption vulnerabilities in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted website, can exploit these to execute arbitrary code.\n\nA flaw also exists related to user interface inconsistency that allows an attacker to conduct phishing attacks by spoofing the URL.", "cvss3": {"score": null, "vector": null}, "published": "2015-03-18T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 6.2.4 / 7.1.4 / 8.0.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1068", "CVE-2015-1069", "CVE-2015-1070", "CVE-2015-1071", "CVE-2015-1072", "CVE-2015-1073", "CVE-2015-1074", "CVE-2015-1075", "CVE-2015-1076", "CVE-2015-1077", "CVE-2015-1078", "CVE-2015-1079", "CVE-2015-1080", "CVE-2015-1081", "CVE-2015-1082", "CVE-2015-1083", "CVE-2015-1084"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI8_0_4.NASL", "href": "https://www.tenable.com/plugins/nessus/81915", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81915);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2015-1068\",\n \"CVE-2015-1069\",\n \"CVE-2015-1070\",\n \"CVE-2015-1071\",\n \"CVE-2015-1072\",\n \"CVE-2015-1073\",\n \"CVE-2015-1074\",\n \"CVE-2015-1075\",\n \"CVE-2015-1076\",\n \"CVE-2015-1077\",\n \"CVE-2015-1078\",\n \"CVE-2015-1079\",\n \"CVE-2015-1080\",\n \"CVE-2015-1081\",\n \"CVE-2015-1082\",\n \"CVE-2015-1083\",\n \"CVE-2015-1084\"\n );\n script_bugtraq_id(\n 73176,\n 73178\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-03-17-1\");\n\n script_name(english:\"Mac OS X : Apple Safari < 6.2.4 / 7.1.4 / 8.0.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 6.2.4 / 7.1.4 / 8.0.4. It is, therefore, affected by multiple\nmemory corruption vulnerabilities in WebKit due to improperly\nvalidated user-supplied input. A remote attacker, using a specially\ncrafted website, can exploit these to execute arbitrary code.\n\nA flaw also exists related to user interface inconsistency that allows\nan attacker to conduct phishing attacks by spoofing the URL.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204560\");\n # http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d19dd32\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple Safari 6.2.4 / 7.1.4 / 8.0.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.([89]|10)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8 / 10.9 / 10.10\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nif (\"10.8\" >< os)\n fixed_version = \"6.2.4\";\nelse if (\"10.9\" >< os)\n fixed_version = \"7.1.4\";\nelse\n fixed_version = \"8.0.4\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:02", "description": "The version of Safari installed on the remote host is prior to 6.2.4 / 7.1.4 / 8.0.4, and is affected by multiple memory corruption vulnerabilities in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted website, can exploit these to execute arbitrary code. (CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071, CVE-2015-1072, CVE-2015-1073, CVE-2015-1074, CVE-2015-1075, CVE-2015-1076, CVE-2015-1077, CVE-2015-1078, CVE-2015-1079, CVE-2015-1080, CVE-2015-1081, CVE-2015-1082, CVE-2015-1083)\n\nA flaw exists related to user interface inconsistency that allows an attacker to conduct phishing attacks by spoofing the URL. (CVE-2015-1084)", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2015-04-17T00:00:00", "type": "nessus", "title": "Safari < 6.2.4 / 7.1.4 / 8.0.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1069", "CVE-2015-1068", "CVE-2015-1070", "CVE-2015-1072", "CVE-2015-1073", "CVE-2015-1074", "CVE-2015-1077", "CVE-2015-1078", "CVE-2015-1079", "CVE-2015-1080", "CVE-2015-1082", "CVE-2015-1084", "CVE-2015-1075"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8695.PRM", "href": "https://www.tenable.com/plugins/nnm/8695", "sourceData": "Binary data 8695.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T14:09:59", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the bundled versions of WebKit, CoreText, the Microsoft Visual Studio C++ Redistributable Package, and ICU.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2015-09-18T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3190", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1157", "CVE-2015-1205", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-5755", "CVE-2015-5761", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5874", "CVE-2015-5920"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_3_0.NASL", "href": "https://www.tenable.com/plugins/nessus/86001", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86001);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2010-3190\",\n \"CVE-2014-8146\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1157\",\n \"CVE-2015-1205\",\n \"CVE-2015-3686\",\n \"CVE-2015-3687\",\n \"CVE-2015-3688\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-5755\",\n \"CVE-2015-5761\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5874\",\n \"CVE-2015-5920\"\n );\n script_bugtraq_id(\n 42811,\n 72288,\n 74457,\n 74523,\n 74525,\n 75491,\n 76338,\n 76343,\n 76763,\n 76764,\n 76765,\n 76766\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-16-3\");\n script_xref(name:\"IAVB\", value:\"2011-B-0046\");\n\n script_name(english:\"Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.3. It is, therefore, affected by multiple vulnerabilities\nin the bundled versions of WebKit, CoreText, the Microsoft Visual\nStudio C++ Redistributable Package, and ICU.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205221\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb0bd3a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-3190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_id = 'iTunes Version';\ninstall = get_single_install(app_name:app_id, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfixed_version = \"12.3.0.44\";\nif (ver_compare(ver:version, fix:fixed_version) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T14:08:46", "description": "The version of Apple iTunes running on the remote host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the WebKit, CoreText, and ICU components, and in the bundled version of the Microsoft Visual Studio C++ Redistributable Package. An attacker can exploit these vulnerabilities to cause a denial of service, execute arbitrary code, or gain access to encrypted SMB credentials.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2015-10-26T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3190", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1157", "CVE-2015-1205", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-5755", "CVE-2015-5761", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5874", "CVE-2015-5920"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_3_0_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/86601", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86601);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2010-3190\",\n \"CVE-2014-8146\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1157\",\n \"CVE-2015-1205\",\n \"CVE-2015-3686\",\n \"CVE-2015-3687\",\n \"CVE-2015-3688\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-5755\",\n \"CVE-2015-5761\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5874\",\n \"CVE-2015-5920\"\n );\n script_bugtraq_id(\n 42811,\n 72288,\n 74457,\n 74523,\n 74525,\n 75491,\n 76338,\n 76343,\n 76763,\n 76764,\n 76765,\n 76766\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-16-3\");\n script_xref(name:\"IAVB\", value:\"2011-B-0046\");\n\n script_name(english:\"Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.3. It is, therefore, affected by multiple vulnerabilities in the\nWebKit, CoreText, and ICU components, and in the bundled version of\nthe Microsoft Visual Studio C++ Redistributable Package. An attacker\ncan exploit these vulnerabilities to cause a denial of service,\nexecute arbitrary code, or gain access to encrypted SMB credentials.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205221\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb0bd3a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-3190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.3.0.44\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:08:02", "description": "Versions of iTunes earlier than 12.3 are affected by multiple vulnerabilities which include :\n\n - A flaw exists in Microsoft Foundation Class's handling of library loading due to the use of a fixed path. An attacker can place a custom version of the file or library in the path, and the program will load it before the legitimate version. Thus, an attacker can leverage this flaw to execute custom code. (CVE-2010-3190)\n - International Components for Unicode for C/C++ (ICU4C) contains several flaws. An overflow condition exists in the resolveImplicitLevels() function in 'ubidi.c', which is triggered as user-supplied input is not properly validated. Additionally, an integer truncation flaw exists in the same function in 'ubidi.c'. Either flaw may allow an attacker to crash an application linked against the library or potentially execute arbitrary code. (CVE-2014-8146, CVE-2014-8147, CVE-2015-5922)\n - A flaw exists in CoreText that is triggered as user-supplied input is not properly validated when handling text and font files. This may allow a context-dependent attacker can corrupt memory and potentially execute arbitrary code. (CVE-2015-1157, CVE-2015-5874, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-5755, CVE-2015-5761)\n - A flaw exists that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2015-1152, CVE-2015-1153, CVE-2015-3730, CVE-2015-3731, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5798, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802, CVE-2015-5803, CVE-2015-5804, CVE-2015-5805, CVE-2015-5806, CVE-2015-5807, CVE-2015-5808, CVE-2015-5809, CVE-2015-5810, CVE-2015-5811, CVE-2015-5812, CVE-2015-5813, CVE-2015-5814, CVE-2015-5815, CVE-2015-5816, CVE-2015-5817, CVE-2015-5818, CVE-2015-5819, CVE-2015-5821, CVE-2015-5822, CVE-2015-5823)\n - An unspecified flaw exists that is triggered during the handling of network connection redirects. This may allow a remote man-in-the-middle attacker to gain access to hashed SMB credential information. (CVE-2015-5920)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-10-23T00:00:00", "type": "nessus", "title": "iTunes for Windows < 12.3 Multiple Vulnerabilities ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3190", "CVE-2014-8146", "CVE-2014-8147", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1157", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-5755", "CVE-2015-5761", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5874", "CVE-2015-5920", "CVE-2015-5922"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"], "id": "8958.PRM", "href": "https://www.tenable.com/plugins/nnm/8958", "sourceData": "Binary data 8958.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:17:53", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.2. It is, therefore, affected by multiple vulnerabilities in the bundled version of WebKit, including denial of service and arbitrary code execution vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2015-07-03T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.2 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3192", "CVE-2014-4452", "CVE-2014-4459", "CVE-2014-4466", "CVE-2014-4468", "CVE-2014-4469", "CVE-2014-4470", "CVE-2014-4471", "CVE-2014-4472", "CVE-2014-4473", "CVE-2014-4474", "CVE-2014-4475", "CVE-2014-4476", "CVE-2014-4477", "CVE-2014-4479", "CVE-2015-1068", "CVE-2015-1069", "CVE-2015-1070", "CVE-2015-1071", "CVE-2015-1072", "CVE-2015-1073", "CVE-2015-1074", "CVE-2015-1075", "CVE-2015-1076", "CVE-2015-1077", "CVE-2015-1078", "CVE-2015-1079", "CVE-2015-1080", "CVE-2015-1081", "CVE-2015-1082", "CVE-2015-1083", "CVE-2015-1119", "CVE-2015-1120", "CVE-2015-1121", "CVE-2015-1122", "CVE-2015-1124", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1154"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_2_0.NASL", "href": "https://www.tenable.com/plugins/nessus/84504", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84504);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2014-3192\",\n \"CVE-2014-4452\",\n \"CVE-2014-4459\",\n \"CVE-2014-4466\",\n \"CVE-2014-4468\",\n \"CVE-2014-4469\",\n \"CVE-2014-4470\",\n \"CVE-2014-4471\",\n \"CVE-2014-4472\",\n \"CVE-2014-4473\",\n \"CVE-2014-4474\",\n \"CVE-2014-4475\",\n \"CVE-2014-4476\",\n \"CVE-2014-4477\",\n \"CVE-2014-4479\",\n \"CVE-2015-1068\",\n \"CVE-2015-1069\",\n \"CVE-2015-1070\",\n \"CVE-2015-1071\",\n \"CVE-2015-1072\",\n \"CVE-2015-1073\",\n \"CVE-2015-1074\",\n \"CVE-2015-1075\",\n \"CVE-2015-1076\",\n \"CVE-2015-1077\",\n \"CVE-2015-1078\",\n \"CVE-2015-1079\",\n \"CVE-2015-1080\",\n \"CVE-2015-1081\",\n \"CVE-2015-1082\",\n \"CVE-2015-1083\",\n \"CVE-2015-1119\",\n \"CVE-2015-1120\",\n \"CVE-2015-1121\",\n \"CVE-2015-1122\",\n \"CVE-2015-1124\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1154\"\n );\n script_bugtraq_id(\n 70273,\n 71137,\n 71144,\n 71438,\n 71442,\n 71444,\n 71445,\n 71449,\n 71451,\n 71459,\n 71461,\n 71462,\n 72329,\n 72330,\n 72331,\n 73972,\n 74523,\n 74525,\n 74526\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-06-30-6\");\n\n script_name(english:\"Apple iTunes < 12.2 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.2. It is, therefore, affected by multiple vulnerabilities\nin the bundled version of WebKit, including denial of service and\narbitrary code execution vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204949\");\n # https://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?103c0dda\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes 12.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-4466\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_id = 'iTunes Version';\ninstall = get_single_install(app_name:app_id, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfixed_version = \"12.2.0.145\";\nif (ver_compare(ver:version, fix:fixed_version) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-09T16:23:16", "description": "The version of Apple iTunes running on the remote host is prior to 12.2. It is, therefore, affected by multiple vulnerabilities due to memory corruption issues in the WebKit component. An attacker can exploit these to cause a denial of service or execute arbitrary code.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2015-10-26T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3192", "CVE-2014-4452", "CVE-2014-4459", "CVE-2014-4466", "CVE-2014-4468", "CVE-2014-4469", "CVE-2014-4470", "CVE-2014-4471", "CVE-2014-4472", "CVE-2014-4473", "CVE-2014-4474", "CVE-2014-4475", "CVE-2014-4476", "CVE-2014-4477", "CVE-2014-4479", "CVE-2015-1068", "CVE-2015-1069", "CVE-2015-1070", "CVE-2015-1071", "CVE-2015-1072", "CVE-2015-1073", "CVE-2015-1074", "CVE-2015-1075", "CVE-2015-1076", "CVE-2015-1077", "CVE-2015-1078", "CVE-2015-1079", "CVE-2015-1080", "CVE-2015-1081", "CVE-2015-1082", "CVE-2015-1083", "CVE-2015-1119", "CVE-2015-1120", "CVE-2015-1121", "CVE-2015-1122", "CVE-2015-1124", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1154"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_2_0_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/86600", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86600);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2014-3192\",\n \"CVE-2014-4452\",\n \"CVE-2014-4459\",\n \"CVE-2014-4466\",\n \"CVE-2014-4468\",\n \"CVE-2014-4469\",\n \"CVE-2014-4470\",\n \"CVE-2014-4471\",\n \"CVE-2014-4472\",\n \"CVE-2014-4473\",\n \"CVE-2014-4474\",\n \"CVE-2014-4475\",\n \"CVE-2014-4476\",\n \"CVE-2014-4477\",\n \"CVE-2014-4479\",\n \"CVE-2015-1068\",\n \"CVE-2015-1069\",\n \"CVE-2015-1070\",\n \"CVE-2015-1071\",\n \"CVE-2015-1072\",\n \"CVE-2015-1073\",\n \"CVE-2015-1074\",\n \"CVE-2015-1075\",\n \"CVE-2015-1076\",\n \"CVE-2015-1077\",\n \"CVE-2015-1078\",\n \"CVE-2015-1079\",\n \"CVE-2015-1080\",\n \"CVE-2015-1081\",\n \"CVE-2015-1082\",\n \"CVE-2015-1083\",\n \"CVE-2015-1119\",\n \"CVE-2015-1120\",\n \"CVE-2015-1121\",\n \"CVE-2015-1122\",\n \"CVE-2015-1124\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1154\"\n );\n script_bugtraq_id(\n 70273,\n 71137,\n 71144,\n 71438,\n 71442,\n 71444,\n 71445,\n 71449,\n 71451,\n 71459,\n 71461,\n 71462,\n 72329,\n 72330,\n 72331,\n 73972,\n 74523,\n 74525,\n 74526\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-06-30-6\");\n\n script_name(english:\"Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.2. It is, therefore, affected by multiple vulnerabilities due to\nmemory corruption issues in the WebKit component. An attacker can\nexploit these to cause a denial of service or execute arbitrary code.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204949\");\n # https://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?103c0dda\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple version iTunes 12.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-4466\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.2.0.145\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T17:12:20", "description": "The mobile device is running a version of iOS prior to version 8.4. It is, therefore, affected by vulnerabilities in the following components :\n\n - Application Store\n - Certificate Trust Policy\n - CFNetwork HTTPAuthentication\n - CoreGraphics\n - CoreText\n - coreTLS\n - DiskImages\n - FontParser\n - ImageIO\n - Kernel\n - Mail\n - MobileInstallation\n - Safari\n - Security\n - SQLite\n - Telephony\n - WebKit\n - WiFi Connectivity", "cvss3": {"score": null, "vector": null}, "published": "2015-07-01T00:00:00", "type": "nessus", "title": "Apple iOS < 8.4 Multiple Vulnerabilities (Logjam)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1741", "CVE-2014-8127", "CVE-2014-8128", "CVE-2014-8129", "CVE-2014-8130", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-1156", "CVE-2015-1157", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3684", "CVE-2015-3685", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3689", "CVE-2015-3690", "CVE-2015-3694", "CVE-2015-3703", "CVE-2015-3710", "CVE-2015-3717", "CVE-2015-3719", "CVE-2015-3721", "CVE-2015-3722", "CVE-2015-3723", "CVE-2015-3724", "CVE-2015-3725", "CVE-2015-3726", "CVE-2015-3727", "CVE-2015-3728", "CVE-2015-4000"], "modified": "2022-07-19T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_84_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/84490", "sourceData": "Binary data apple_ios_84_check.nbin", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:06", "description": "The remote host is running a version of iOS that is prior to version 8.4.0 and the following components contain vulnerabilities :\n\n - Application Store \n - Certificate Trust Policy \n - CFNetwork HTTPAuthentication \n - CoreGraphics \n - CoreText \n - coreTLS \n - DiskImages \n - FontParser \n - ImageIO \n - Kernel \n - Mail \n - MobileInstallation \n - Safari \n - Security \n - SQLite \n - Telephony \n - WebKit \n - WiFi Connectivity \n", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-10-12T00:00:00", "type": "nessus", "title": "Apple iOS < 8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8128", "CVE-2015-4000", "CVE-2014-8127", "CVE-2014-8129", "CVE-2014-8130", "CVE-2013-1741", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3717", "CVE-2015-3684", "CVE-2015-1157", "CVE-2015-3685", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3689", "CVE-2015-3690", "CVE-2015-3694", "CVE-2015-3719", "CVE-2015-3703", "CVE-2015-3721", "CVE-2015-1152", "CVE-2015-3722", "CVE-2015-3723", "CVE-2015-3724", "CVE-2015-3725", "CVE-2015-3726", "CVE-2015-3728", "CVE-2015-1156"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "8977.PRM", "href": "https://www.tenable.com/plugins/nnm/8977", "sourceData": "Binary data 8977.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:11:50", "description": "According to its banner, the remote Apple TV device is a version prior to 7.2. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple memory corruption vulnerabilities exist in WebKit due to improperly validated user-supplied input.\n A remote attacker, using a specially crafted website, can exploit these to execute arbitrary code.\n (CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071, CVE-2015-1072, CVE-2015-1073, CVE-2015-1074, CVE-2015-1076, CVE-2015-1077, CVE-2015-1078, CVE-2015-1079, CVE-2015-1080, CVE-2015-1081, CVE-2015-1082, CVE-2015-1083, CVE-2015-1119, CVE-2015-1120, CVE-2015-1121, CVE-2015-1122, CVE-2015-1123, CVE-2015-1124)\n\n - An error exists in the IOKit objects due to improper validation of metadata used by an audio driver, which allows arbitrary code execution. (CVE-2015-1086)\n\n - An XML External Entity (XXE) injection vulnerability exists in the NSXMLParser due to improper handling of XML files, which allows information disclosure.\n (CVE-2015-1092)\n\n - An error exists in the IOAcceleratorFamily that allows the kernel memory layout to be disclosed.\n (CVE-2015-1094)\n\n - A memory corruption vulnerability exists in the IOHIDFamily API that allows arbitrary code execution.\n (CVE-2015-1095)\n\n - An error exists in the IOHIDFamily due to improper bounds checking, which allows the kernel memory layout to be disclosed. (CVE-2015-1096)\n\n - An error exists in the MobileFrameBuffer due to improper bounds checking, which allows the kernel memory layout to be disclosed. (CVE-2015-1097)\n\n - A denial of service vulnerability exists in the setreuid() system call due to a race condition.\n (CVE-2015-1099)\n\n - An out-of-bounds memory error exists in the kernel that allows a denial of service attack or information disclosure. (CVE-2015-1100)\n\n - A memory corruption vulnerability exists in the kernel that allows arbitrary code execution. (CVE-2015-1101)\n\n - A denial of service vulnerability exists due to a state inconsistency in the processing of TCP headers, which can only be exploited from an adjacent network.\n (CVE-2015-1102)\n\n - A vulnerability exists that allows a man-in-the-middle attacker to redirect traffic via ICMP redirects.\n (CVE-2015-1103)\n\n - A security bypass vulnerability exists due to the system treating remote IPv6 packets as local packets, which allows an attacker to bypass network filters.\n (CVE-2015-1104)\n\n - A denial of service vulnerability exists due to improper processing of TCP out-of-band data, which allows a denial of service by a remote attacker. (CVE-2015-1105)\n\n - An information disclosure vulnerability exists due to unique identifiers being sent to remote servers when downloading assets for a podcast. (CVE-2015-1110)\n\n - An information disclosure vulnerability exists in the third-party application sandbox that allows hardware identifiers to be accessible by other applications.\n (CVE-2015-1114)\n\n - A privilege escalation vulnerability exists in the setreuid() and setregid() system calls due to a failure to drop privileges permanently. (CVE-2015-1117)\n\n - A memory corruption vulnerability exists due to improper bounds checking when processing configuration profiles, which allows a denial of service attack. (CVE-2015-1118)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-04-10T00:00:00", "type": "nessus", "title": "Apple TV < 7.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1068", "CVE-2015-1069", "CVE-2015-1070", "CVE-2015-1071", "CVE-2015-1072", "CVE-2015-1073", "CVE-2015-1074", "CVE-2015-1076", "CVE-2015-1077", "CVE-2015-1078", "CVE-2015-1079", "CVE-2015-1080", "CVE-2015-1081", "CVE-2015-1082", "CVE-2015-1083", "CVE-2015-1086", "CVE-2015-1092", "CVE-2015-1094", "CVE-2015-1095", "CVE-2015-1096", "CVE-2015-1097", "CVE-2015-1099", "CVE-2015-1100", "CVE-2015-1101", "CVE-2015-1102", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1105", "CVE-2015-1110", "CVE-2015-1114", "CVE-2015-1117", "CVE-2015-1118", "CVE-2015-1119", "CVE-2015-1120", "CVE-2015-1121", "CVE-2015-1122", "CVE-2015-1123", "CVE-2015-1124"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_7_2.NASL", "href": "https://www.tenable.com/plugins/nessus/82712", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82712);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2015-1068\",\n \"CVE-2015-1069\",\n \"CVE-2015-1070\",\n \"CVE-2015-1071\",\n \"CVE-2015-1072\",\n \"CVE-2015-1073\",\n \"CVE-2015-1074\",\n \"CVE-2015-1076\",\n \"CVE-2015-1077\",\n \"CVE-2015-1078\",\n \"CVE-2015-1079\",\n \"CVE-2015-1080\",\n \"CVE-2015-1081\",\n \"CVE-2015-1082\",\n \"CVE-2015-1083\",\n \"CVE-2015-1086\",\n \"CVE-2015-1092\",\n \"CVE-2015-1094\",\n \"CVE-2015-1095\",\n \"CVE-2015-1096\",\n \"CVE-2015-1097\",\n \"CVE-2015-1099\",\n \"CVE-2015-1100\",\n \"CVE-2015-1101\",\n \"CVE-2015-1102\",\n \"CVE-2015-1103\",\n \"CVE-2015-1104\",\n \"CVE-2015-1105\",\n \"CVE-2015-1110\",\n \"CVE-2015-1114\",\n \"CVE-2015-1117\",\n \"CVE-2015-1118\",\n \"CVE-2015-1119\",\n \"CVE-2015-1120\",\n \"CVE-2015-1121\",\n \"CVE-2015-1122\",\n \"CVE-2015-1123\",\n \"CVE-2015-1124\"\n );\n script_bugtraq_id(\n 73176,\n 73972,\n 73981,\n 73983,\n 73985,\n 73986\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-04-08-4\");\n\n script_name(english:\"Apple TV < 7.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version in the banner.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote Apple TV device is a version prior\nto 7.2. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple memory corruption vulnerabilities exist in\n WebKit due to improperly validated user-supplied input.\n A remote attacker, using a specially crafted website,\n can exploit these to execute arbitrary code.\n (CVE-2015-1068, CVE-2015-1069, CVE-2015-1070,\n CVE-2015-1071, CVE-2015-1072, CVE-2015-1073,\n CVE-2015-1074, CVE-2015-1076, CVE-2015-1077,\n CVE-2015-1078, CVE-2015-1079, CVE-2015-1080,\n CVE-2015-1081, CVE-2015-1082, CVE-2015-1083,\n CVE-2015-1119, CVE-2015-1120, CVE-2015-1121,\n CVE-2015-1122, CVE-2015-1123, CVE-2015-1124)\n\n - An error exists in the IOKit objects due to improper\n validation of metadata used by an audio driver, which\n allows arbitrary code execution. (CVE-2015-1086)\n\n - An XML External Entity (XXE) injection vulnerability\n exists in the NSXMLParser due to improper handling of\n XML files, which allows information disclosure.\n (CVE-2015-1092)\n\n - An error exists in the IOAcceleratorFamily that allows\n the kernel memory layout to be disclosed.\n (CVE-2015-1094)\n\n - A memory corruption vulnerability exists in the\n IOHIDFamily API that allows arbitrary code execution.\n (CVE-2015-1095)\n\n - An error exists in the IOHIDFamily due to improper\n bounds checking, which allows the kernel memory layout\n to be disclosed. (CVE-2015-1096)\n\n - An error exists in the MobileFrameBuffer due to improper\n bounds checking, which allows the kernel memory layout\n to be disclosed. (CVE-2015-1097)\n\n - A denial of service vulnerability exists in the\n setreuid() system call due to a race condition.\n (CVE-2015-1099)\n\n - An out-of-bounds memory error exists in the kernel that\n allows a denial of service attack or information\n disclosure. (CVE-2015-1100)\n\n - A memory corruption vulnerability exists in the kernel\n that allows arbitrary code execution. (CVE-2015-1101)\n\n - A denial of service vulnerability exists due to a state\n inconsistency in the processing of TCP headers, which\n can only be exploited from an adjacent network.\n (CVE-2015-1102)\n\n - A vulnerability exists that allows a man-in-the-middle\n attacker to redirect traffic via ICMP redirects.\n (CVE-2015-1103)\n\n - A security bypass vulnerability exists due to the\n system treating remote IPv6 packets as local packets,\n which allows an attacker to bypass network filters.\n (CVE-2015-1104)\n\n - A denial of service vulnerability exists due to improper\n processing of TCP out-of-band data, which allows a\n denial of service by a remote attacker. (CVE-2015-1105)\n\n - An information disclosure vulnerability exists due to\n unique identifiers being sent to remote servers when\n downloading assets for a podcast. (CVE-2015-1110)\n\n - An information disclosure vulnerability exists in the\n third-party application sandbox that allows hardware\n identifiers to be accessible by other applications.\n (CVE-2015-1114)\n\n - A privilege escalation vulnerability exists in the\n setreuid() and setregid() system calls due to a failure\n to drop privileges permanently. (CVE-2015-1117)\n\n - A memory corruption vulnerability exists due to improper\n bounds checking when processing configuration profiles,\n which allows a denial of service attack. (CVE-2015-1118)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204662\");\n # https://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?028da58b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV 7.2 or later. Note that this update is only\navailable for 3rd generation and later models.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1103\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"appletv_func.inc\");\n\nurl = get_kb_item('AppleTV/URL');\nif (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');\nport = get_kb_item('AppleTV/Port');\nif (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');\n\nbuild = get_kb_item('AppleTV/Version');\nif (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');\n\nmodel = get_kb_item('AppleTV/Model');\nif (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');\n\nfixed_build = \"12F69\";\ntvos_ver = '7.2';\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : 3,\n model : model,\n gen : gen,\n fix_tvos_ver : tvos_ver,\n port : port,\n url : url,\n severity : SECURITY_HOLE\n);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T01:31:20", "description": "According to its banner, the remote Apple TV device is a version prior to 7.2.1. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - bootp\n - CFPreferences\n - CloudKit\n - Code Signing\n - CoreMedia Playback\n - CoreText\n - DiskImages\n - FontParser\n - ImageIO\n - IOHIDFamily\n - IOKit\n - Kernel\n - Libc\n - Libinfo\n - libpthread\n - libxml2\n - libxpc\n - libxslt\n - Location Framework\n - Office Viewer\n - QL Office\n - Sandbox_profiles\n - WebKit", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-04-04T00:00:00", "type": "nessus", "title": "Apple TV < 7.2.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6685", "CVE-2014-0191", "CVE-2014-3660", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3752", "CVE-2015-3753", "CVE-2015-3759", "CVE-2015-3766", "CVE-2015-3768", "CVE-2015-3776", "CVE-2015-3778", "CVE-2015-3782", "CVE-2015-3784", "CVE-2015-3793", "CVE-2015-3795", "CVE-2015-3796", "CVE-2015-3797", "CVE-2015-3798", "CVE-2015-3800", "CVE-2015-3802", "CVE-2015-3803", "CVE-2015-3804", "CVE-2015-3805", "CVE-2015-3806", "CVE-2015-3807", "CVE-2015-5749", "CVE-2015-5755", "CVE-2015-5756", "CVE-2015-5757", "CVE-2015-5758", "CVE-2015-5761", "CVE-2015-5773", "CVE-2015-5774", "CVE-2015-5775", "CVE-2015-5776", "CVE-2015-5777", "CVE-2015-5778", "CVE-2015-5781", "CVE-2015-5782", "CVE-2015-7995"], "modified": "2019-11-19T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_7_2_1.NASL", "href": "https://www.tenable.com/plugins/nessus/90315", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90315);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\n \"CVE-2012-6685\",\n \"CVE-2014-0191\",\n \"CVE-2014-3660\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3732\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-3750\",\n \"CVE-2015-3751\",\n \"CVE-2015-3752\",\n \"CVE-2015-3753\",\n \"CVE-2015-3759\",\n \"CVE-2015-3766\",\n \"CVE-2015-3768\",\n \"CVE-2015-3776\",\n \"CVE-2015-3778\",\n \"CVE-2015-3782\",\n \"CVE-2015-3784\",\n \"CVE-2015-3793\",\n \"CVE-2015-3795\",\n \"CVE-2015-3796\",\n \"CVE-2015-3797\",\n \"CVE-2015-3798\",\n \"CVE-2015-3800\",\n \"CVE-2015-3802\",\n \"CVE-2015-3803\",\n \"CVE-2015-3804\",\n \"CVE-2015-3805\",\n \"CVE-2015-3806\",\n \"CVE-2015-3807\",\n \"CVE-2015-5749\",\n \"CVE-2015-5755\",\n \"CVE-2015-5756\",\n \"CVE-2015-5757\",\n \"CVE-2015-5758\",\n \"CVE-2015-5761\",\n \"CVE-2015-5773\",\n \"CVE-2015-5774\",\n \"CVE-2015-5775\",\n \"CVE-2015-5776\",\n \"CVE-2015-5777\",\n \"CVE-2015-5778\",\n \"CVE-2015-5781\",\n \"CVE-2015-5782\",\n \"CVE-2015-7995\"\n );\n script_bugtraq_id(\n 67233,\n 70644,\n 76337,\n 76338,\n 76341,\n 76343,\n 77325\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-02-25-1\");\n\n script_name(english:\"Apple TV < 7.2.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version in the banner.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote Apple TV device is a version prior\nto 7.2.1. It is, therefore, affected by multiple vulnerabilities in\nthe following components :\n\n - bootp\n - CFPreferences\n - CloudKit\n - Code Signing\n - CoreMedia Playback\n - CoreText\n - DiskImages\n - FontParser\n - ImageIO\n - IOHIDFamily\n - IOKit\n - Kernel\n - Libc\n - Libinfo\n - libpthread\n - libxml2\n - libxpc\n - libxslt\n - Location Framework\n - Office Viewer\n - QL Office\n - Sandbox_profiles\n - WebKit\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205795\");\n # https://lists.apple.com/archives/security-announce/2016/Feb/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d959a1e0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV version 7.2.1 or later. Note that this update is\nonly available for 3rd generation models.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5757\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"appletv_func.inc\");\n\nurl = get_kb_item('AppleTV/URL');\nif (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');\nport = get_kb_item('AppleTV/Port');\nif (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');\n\nbuild = get_kb_item('AppleTV/Version');\nif (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');\n\nmodel = get_kb_item('AppleTV/Model');\nif (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');\n\nfixed_build = \"12H523\";\ntvos_ver = '7.2.1';\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : 3,\n model : model,\n gen : gen,\n fix_tvos_ver : tvos_ver,\n port : port,\n url : url,\n severity : SECURITY_HOLE\n);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:41:35", "description": "Versions of Apple TV earlier than 7.2.1 are unpatched for vulnerabilities in the following components :\n\n - bootp\n - CFPreferences\n - CloudKit\n - Code Signing\n - CoreMedia Playback\n - CoreText\n - DiskImages\n - FontParser\n - ImageIO\n - IOHIDFamily\n - IOKit\n - Kernel\n - Libc\n - Libinfo\n - libpthread\n - libxml2\n - libxpc\n - libxslt\n - Location Framework\n - Office Viewer\n - QL Office\n - Sandbox_profiles\n - WebKit", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-05-27T00:00:00", "type": "nessus", "title": "Apple TV < 7.2.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3660", "CVE-2015-7995", "CVE-2014-0191", "CVE-2015-3766", "CVE-2015-3768", "CVE-2015-3776", "CVE-2015-3778", "CVE-2015-3782", "CVE-2015-3784", "CVE-2015-3795", "CVE-2015-3796", "CVE-2015-3797", "CVE-2015-3798", "CVE-2015-3800", "CVE-2015-3802", "CVE-2015-3803", "CVE-2015-3804", "CVE-2015-3805", "CVE-2015-3806", "CVE-2015-3807", "CVE-2015-5755", "CVE-2015-5756", "CVE-2015-5757", "CVE-2015-5758", "CVE-2015-5761", "CVE-2015-5773", "CVE-2015-5774", "CVE-2015-5775", "CVE-2015-5776", "CVE-2015-5777", "CVE-2015-5778", "CVE-2015-5781", "CVE-2015-5782", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-3793", "CVE-2012-6685", "CVE-2015-3759", "CVE-2015-5749", "CVE-2015-3730", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3742", "CVE-2015-3744", "CVE-2015-3746", "CVE-2015-3753", "CVE-2015-3750", "CVE-2015-3751"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*"], "id": "9333.PRM", "href": "https://www.tenable.com/plugins/nnm/9333", "sourceData": "Binary data 9333.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-21T17:16:47", "description": "The mobile device is running a version of iOS prior to version 8.4.1.\nIt is, therefore, affected by vulnerabilities in the following components :\n\n - Air Traffic\n - AppleFileConduit\n - Backup\n - bootp\n - CFPreferences\n - Certificate UI\n - CloudKit\n - Code Signing\n - CoreMedia Playback\n - CoreText\n - DiskImages\n - FontParser\n - IOHIDFamily\n - IOKit\n - ImageIO\n - Kernel\n - Libc\n - Libinfo\n - libpthread\n - libxml2\n - libxpc\n - Location Framework\n - MSVDX Driver\n - MobileInstallation\n - Office Viewer\n - QL Office\n - Safari\n - Sandbox_profiles\n - UIKit WebView\n - Web\n - WebKit", "cvss3": {"score": null, "vector": null}, "published": "2015-08-14T00:00:00", "type": "nessus", "title": "Apple iOS < 8.4.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6685", "CVE-2014-0191", "CVE-2014-3660", "CVE-2015-3729", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3752", "CVE-2015-3753", "CVE-2015-3755", "CVE-2015-3756", "CVE-2015-3758", "CVE-2015-3759", "CVE-2015-3763", "CVE-2015-3766", "CVE-2015-3768", "CVE-2015-3776", "CVE-2015-3778", "CVE-2015-3782", "CVE-2015-3784", "CVE-2015-3793", "CVE-2015-3795", "CVE-2015-3796", "CVE-2015-3797", "CVE-2015-3798", "CVE-2015-3800", "CVE-2015-3802", "CVE-2015-3803", "CVE-2015-3804", "CVE-2015-3805", "CVE-2015-3806", "CVE-2015-3807", "CVE-2015-5746", "CVE-2015-5749", "CVE-2015-5752", "CVE-2015-5755", "CVE-2015-5756", "CVE-2015-5757", "CVE-2015-5758", "CVE-2015-5759", "CVE-2015-5761", "CVE-2015-5766", "CVE-2015-5769", "CVE-2015-5770", "CVE-2015-5773", "CVE-2015-5774", "CVE-2015-5775", "CVE-2015-5776", "CVE-2015-5777", "CVE-2015-5778", "CVE-2015-5781", "CVE-2015-5782"], "modified": "2022-07-19T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_841_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/85407", "sourceData": "Binary data apple_ios_841_check.nbin", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:44:06", "description": "The remote host is running a version of iOS that is prior to version 8.4.1 and the following components contain vulnerabilities :\n\n - Air Traffic \n - AppleFileConduit \n - Backup \n - bootp \n - CFPreferences \n - Certificate UI \n - CloudKit \n - Code Signing \n - CoreMedia Playback \n - CoreText \n - DiskImages \n - FontParser \n - IOHIDFamily \n - IOKit \n - ImageIO \n - Kernel \n - Libc \n - Libinfo \n - libpthread \n - libxml2 \n - libxpc \n - Location Framework \n - MSVDX Driver \n - MobileInstallation \n - Office Viewer \n - QL Office \n - Safari \n - Sandbox_profiles \n - UIKit WebView \n - Web \n - WebKit \n", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-10-14T00:00:00", "type": "nessus", "title": "Apple iOS < 8.4.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3660", "CVE-2014-0191", "CVE-2015-3766", "CVE-2015-3768", "CVE-2015-3776", "CVE-2015-3778", "CVE-2015-3782", "CVE-2015-3784", "CVE-2015-3795", "CVE-2015-3796", "CVE-2015-3797", "CVE-2015-3798", "CVE-2015-3800", "CVE-2015-3802", "CVE-2015-3803", "CVE-2015-3804", "CVE-2015-3805", "CVE-2015-3806", "CVE-2015-3807", "CVE-2015-5755", "CVE-2015-5756", "CVE-2015-5757", "CVE-2015-5758", "CVE-2015-5761", "CVE-2015-5773", "CVE-2015-5774", "CVE-2015-5775", "CVE-2015-5776", "CVE-2015-5777", "CVE-2015-5778", "CVE-2015-5781", "CVE-2015-5782", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-3793", "CVE-2015-3759", "CVE-2015-5749", "CVE-2015-3730", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3742", "CVE-2015-3744", "CVE-2015-3746", "CVE-2015-3753", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3755", "CVE-2015-3729", "CVE-2015-5787", "CVE-2015-5746", "CVE-2015-5766", "CVE-2015-5752", "CVE-2015-3756", "CVE-2015-5770", "CVE-2015-5769", "CVE-2015-3763", "CVE-2015-3758", "CVE-2015-5759"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "8978.PRM", "href": "https://www.tenable.com/plugins/nnm/8978", "sourceData": "Binary data 8978.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:44:31", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 9.0. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins", "cvss3": {"score": null, "vector": null}, "published": "2015-10-02T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3801", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5780", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5828"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI9_0.NASL", "href": "https://www.tenable.com/plugins/nessus/86252", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86252);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-3801\",\n \"CVE-2015-5764\",\n \"CVE-2015-5765\",\n \"CVE-2015-5767\",\n \"CVE-2015-5780\",\n \"CVE-2015-5788\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5820\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5825\",\n \"CVE-2015-5826\",\n \"CVE-2015-5827\",\n \"CVE-2015-5828\"\n );\n script_bugtraq_id(76764);\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-30-2\");\n\n script_name(english:\"Mac OS X : Apple Safari < 9.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web browser installed is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 9.0. It is, therefore, affected by multiple vulnerabilities\nin the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205265\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari version 9.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5780\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.(9|10|11)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.9 / 10.10 / 10.11\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"9.0\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:44:06", "description": "The version of Safari installed on the remote host is prior to 9.0. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins", "cvss3": {"score": 6.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}, "published": "2015-10-13T00:00:00", "type": "nessus", "title": "Safari < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5827", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5820", "CVE-2015-5826", "CVE-2015-5825", "CVE-2015-3801", "CVE-2015-5816", "CVE-2015-5823", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5803", "CVE-2015-5802", "CVE-2015-5800", "CVE-2015-5799", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5814", "CVE-2015-5813", "CVE-2015-5828", "CVE-2015-5780", "CVE-2015-5798", "CVE-2015-5808", "CVE-2015-5815"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8976.PRM", "href": "https://www.tenable.com/plugins/nnm/8976", "sourceData": "Binary data 8976.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T14:10:22", "description": "The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-006. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - apache\n - apache_mod_php\n - CoreText\n - FontParser\n - Libinfo\n - libxml2\n - OpenSSL\n - perl\n - PostgreSQL\n - QL Office\n - Quartz Composer Framework\n - QuickTime 7\n - SceneKit\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-08-17T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2015-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6685", "CVE-2014-0067", "CVE-2014-0191", "CVE-2014-3581", "CVE-2014-3583", "CVE-2014-3660", "CVE-2014-8109", "CVE-2014-8161", "CVE-2015-0228", "CVE-2015-0241", "CVE-2015-0242", "CVE-2015-0243", "CVE-2015-0244", "CVE-2015-0253", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3183", "CVE-2015-3185", "CVE-2015-3307", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3729", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3752", "CVE-2015-3753", "CVE-2015-3754", "CVE-2015-3755", "CVE-2015-3765", "CVE-2015-3779", "CVE-2015-3783", "CVE-2015-3788", "CVE-2015-3789", "CVE-2015-3790", "CVE-2015-3791", "CVE-2015-3792", "CVE-2015-3804", "CVE-2015-3807", "CVE-2015-4021", "CVE-2015-4022", "CVE-2015-4024", "CVE-2015-4025", "CVE-2015-4026", "CVE-2015-4147", "CVE-2015-4148", "CVE-2015-5751", "CVE-2015-5753", "CVE-2015-5756", "CVE-2015-5761", "CVE-2015-5771", "CVE-2015-5773", "CVE-2015-5775", "CVE-2015-5776", "CVE-2015-5779"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2015-006.NASL", "href": "https://www.tenable.com/plugins/nessus/85409", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85409);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2012-6685\",\n \"CVE-2014-0067\",\n \"CVE-2014-0191\",\n \"CVE-2014-3581\",\n \"CVE-2014-3583\",\n \"CVE-2014-3660\",\n \"CVE-2014-8109\",\n \"CVE-2014-8161\",\n \"CVE-2015-0228\",\n \"CVE-2015-0241\",\n \"CVE-2015-0242\",\n \"CVE-2015-0243\",\n \"CVE-2015-0244\",\n \"CVE-2015-0253\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-2783\",\n \"CVE-2015-2787\",\n \"CVE-2015-3183\",\n \"CVE-2015-3185\",\n \"CVE-2015-3307\",\n \"CVE-2015-3329\",\n \"CVE-2015-3330\",\n \"CVE-2015-3729\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3732\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-3750\",\n \"CVE-2015-3751\",\n \"CVE-2015-3752\",\n \"CVE-2015-3753\",\n \"CVE-2015-3754\",\n \"CVE-2015-3755\",\n \"CVE-2015-3765\",\n \"CVE-2015-3779\",\n \"CVE-2015-3783\",\n \"CVE-2015-3788\",\n \"CVE-2015-3789\",\n \"CVE-2015-3790\",\n \"CVE-2015-3791\",\n \"CVE-2015-3792\",\n \"CVE-2015-3804\",\n \"CVE-2015-3807\",\n \"CVE-2015-4021\",\n \"CVE-2015-4022\",\n \"CVE-2015-4024\",\n \"CVE-2015-4025\",\n \"CVE-2015-4026\",\n \"CVE-2015-4147\",\n \"CVE-2015-4148\",\n \"CVE-2015-5751\",\n \"CVE-2015-5753\",\n \"CVE-2015-5756\",\n \"CVE-2015-5761\",\n \"CVE-2015-5771\",\n \"CVE-2015-5773\",\n \"CVE-2015-5775\",\n \"CVE-2015-5776\",\n \"CVE-2015-5779\"\n );\n script_bugtraq_id(\n 65721,\n 67233,\n 70644,\n 71656,\n 71657,\n 72538,\n 72540,\n 72542,\n 72543,\n 73040,\n 73041,\n 73357,\n 73431,\n 74174,\n 74204,\n 74239,\n 74240,\n 74700,\n 74703,\n 74902,\n 74903,\n 74904,\n 75056,\n 75103,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161,\n 75963,\n 75964,\n 75965,\n 76338,\n 76339,\n 76340,\n 76341,\n 76342,\n 76343,\n 76344\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-08-13-2\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2015-006)\");\n script_summary(english:\"Checks for the presence of Security Update 2015-006.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.8.5 or 10.9.5\nthat is missing Security Update 2015-006. It is, therefore, affected\nby multiple vulnerabilities in the following components :\n\n - apache\n - apache_mod_php\n - CoreText\n - FontParser\n - Libinfo\n - libxml2\n - OpenSSL\n - perl\n - PostgreSQL\n - QL Office\n - Quartz Composer Framework\n - QuickTime 7\n - SceneKit\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205031\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2015-006 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5779\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\npatch = \"2015-006\";\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\n# Advisory states that the update is available for 10.10.2\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\nif (!ereg(pattern:\"Mac OS X 10\\.[89]\\.5([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8.5 or Mac OS X 10.9.5\");\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\..*bom$\", string:packages);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n match = eregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(match[1]) || empty_or_null(match[2]))\n continue;\n\n patch_found = check_patch(year:int(match[1]), number:int(match[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-09T16:12:21", "description": "The mobile device is running a version of iOS prior to version 8.3.\nIt is, therefore, affected by vulnerabilities in the following components :\n\n - AppleKeyStore\n - Audio Drivers\n - Backup\n - Certificate Trust Policy\n - CFNetwork\n - CFNetwork Session\n - CFURL\n - FontParser\n - Foundation\n - IOAcceleratorFamily\n - IOHIDFamily\n - IOMobileFramebuffer\n - iWork Viewer\n - Kernel\n - Keyboards\n - libnetcore\n - Lock Screen\n - NetworkExtension\n - Podcasts\n - Safari\n - Sandbox Profiles\n - Telephony\n - UIKit View\n - WebKit", "cvss3": {"score": null, "vector": null}, "published": "2015-04-10T00:00:00", "type": "nessus", "title": "Apple iOS < 8.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1068", "CVE-2015-1069", "CVE-2015-1070", "CVE-2015-1071", "CVE-2015-1072", "CVE-2015-1073", "CVE-2015-1074", "CVE-2015-1076", "CVE-2015-1077", "CVE-2015-1078", "CVE-2015-1079", "CVE-2015-1080", "CVE-2015-1081", "CVE-2015-1082", "CVE-2015-1083", "CVE-2015-1084", "CVE-2015-1085", "CVE-2015-1086", "CVE-2015-1087", "CVE-2015-1088", "CVE-2015-1089", "CVE-2015-1090", "CVE-2015-1091", "CVE-2015-1092", "CVE-2015-1093", "CVE-2015-1094", "CVE-2015-1095", "CVE-2015-1096", "CVE-2015-1097", "CVE-2015-1098", "CVE-2015-1099", "CVE-2015-1100", "CVE-2015-1101", "CVE-2015-1102", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1105", "CVE-2015-1106", "CVE-2015-1107", "CVE-2015-1108", "CVE-2015-1109", "CVE-2015-1110", "CVE-2015-1111", "CVE-2015-1112", "CVE-2015-1113", "CVE-2015-1114", "CVE-2015-1115", "CVE-2015-1116", "CVE-2015-1117", "CVE-2015-1118", "CVE-2015-1119", "CVE-2015-1120", "CVE-2015-1121", "CVE-2015-1122", "CVE-2015-1123", "CVE-2015-1124", "CVE-2015-1125", "CVE-2015-1126", "CVE-2015-5762"], "modified": "2022-07-19T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_83_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/82703", "sourceData": "Binary data apple_ios_83_check.nbin", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:16", "description": "The version of Apple Safari installed on the remote host is prior to 9.0.1. It is, therefore, affected by multiple memory corruption issues in WebKit due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these, via a crafted website, to execute arbitrary code or possibly cause a denial of service.", "cvss3": {"score": null, "vector": null}, "published": "2015-11-06T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 9.0.1 Multiple RCE", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-7002", "CVE-2015-7011", "CVE-2015-7012", "CVE-2015-7013", "CVE-2015-7014"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI9_0_1.NASL", "href": "https://www.tenable.com/plugins/nessus/86790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86790);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-5928\",\n \"CVE-2015-5929\",\n \"CVE-2015-5930\",\n \"CVE-2015-5931\",\n \"CVE-2015-7002\",\n \"CVE-2015-7011\",\n \"CVE-2015-7012\",\n \"CVE-2015-7013\",\n \"CVE-2015-7014\"\n );\n script_bugtraq_id(77264, 77267);\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-10-21-3\");\n\n script_name(english:\"Mac OS X : Apple Safari < 9.0.1 Multiple RCE\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web browser installed that is affected by\nmultiple remote code execution vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote host is prior to\n9.0.1. It is, therefore, affected by multiple memory corruption issues\nin WebKit due to improper validation of user-supplied input. An\nunauthenticated, remote attacker can exploit these, via a crafted\nwebsite, to execute arbitrary code or possibly cause a denial of\nservice.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205377\");\n # http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5234a069\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari version 9.0.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7014\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.(9|10|11)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.9 / 10.10 / 10.11\");\n\ninstalled = get_kb_item_or_exit(\"MacOSX/Safari/Installed\", exit_code:0);\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"9.0.1\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:43:34", "description": "The version of Safari installed on the remote host is prior to 9.0.1, and is affected by multiple vulnerabilities in WebKit that are triggered as user-supplied input is not properly validated. With a specially crafted web page, a context-dependent attacker can potentially execute arbitrary code.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Safari < 9.0.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-7002", "CVE-2015-7011", "CVE-2015-7012", "CVE-2015-7013", "CVE-2015-7014"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "9028.PRM", "href": "https://www.tenable.com/plugins/nnm/9028", "sourceData": "Binary data 9028.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:06:39", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\n - CVE-2014-1743 cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation.\n\n - CVE-2014-1744 Aaron Staple discovered an integer overflow issue in audio input handling.\n\n - CVE-2014-1745 Atte Kettunen discovered a use-after-free issue in the Blink/Webkit scalable vector graphics implementation. \n\n - CVE-2014-1746 Holger Fuhrmannek discovered an out-of-bounds read issue in the URL protocol implementation for handling media.\n\n - CVE-2014-1747 packagesu discovered a cross-site scripting issue involving malformed MHTML files.\n\n - CVE-2014-1748 Jordan Milne discovered a user interface spoofing issue.\n\n - CVE-2014-1749 The Google Chrome development team discovered and fixed multiple issues with potential security impact.\n\n - CVE-2014-3152 An integer underflow issue was discovered in the v8 JavaScript library.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-02T00:00:00", "type": "nessus", "title": "Debian DSA-2939-1 : chromium-browser - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-3152"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2939.NASL", "href": "https://www.tenable.com/plugins/nessus/74256", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2939. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74256);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\");\n script_bugtraq_id(67517);\n script_xref(name:\"DSA\", value:\"2939\");\n\n script_name(english:\"Debian DSA-2939-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the chromium web browser.\n\n - CVE-2014-1743\n cloudfuzzer discovered a use-after-free issue in the\n Blink/Webkit document object model implementation.\n\n - CVE-2014-1744\n Aaron Staple discovered an integer overflow issue in\n audio input handling.\n\n - CVE-2014-1745\n Atte Kettunen discovered a use-after-free issue in the\n Blink/Webkit scalable vector graphics implementation. \n\n - CVE-2014-1746\n Holger Fuhrmannek discovered an out-of-bounds read issue\n in the URL protocol implementation for handling media.\n\n - CVE-2014-1747\n packagesu discovered a cross-site scripting issue\n involving malformed MHTML files.\n\n - CVE-2014-1748\n Jordan Milne discovered a user interface spoofing issue.\n\n - CVE-2014-1749\n The Google Chrome development team discovered and fixed\n multiple issues with potential security impact.\n\n - CVE-2014-3152\n An integer underflow issue was discovered in the v8\n JavaScript library.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2939\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 35.0.1916.114-1~deb7u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"chromium\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-dbg\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-inspector\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-browser-l10n\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-dbg\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-inspector\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"chromium-l10n\", reference:\"35.0.1916.114-1~deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:03:56", "description": "Google Chrome Releases reports :\n\n23 security fixes in this release, including :\n\n- [356653] High CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer.\n\n- [359454] High CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple.\n\n- [346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.\n\n- [364065] Medium CVE-2014-1746: Out-of-bounds read in media filters.\nCredit to Holger Fuhrmannek.\n\n- [330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu.\n\n- [331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne.\n\n- [374649] CVE-2014-1749: Various fixes from internal audits, fuzzing and other initiatives.\n\n- [358057] CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-21T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (64f3872b-e05d-11e3-9dd4-00262d5ed8ee)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-3152"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_64F3872BE05D11E39DD400262D5ED8EE.NASL", "href": "https://www.tenable.com/plugins/nessus/74114", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2014 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74114);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (64f3872b-e05d-11e3-9dd4-00262d5ed8ee)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n23 security fixes in this release, including :\n\n- [356653] High CVE-2014-1743: Use-after-free in styles. Credit to\ncloudfuzzer.\n\n- [359454] High CVE-2014-1744: Integer overflow in audio. Credit to\nAaron Staple.\n\n- [346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte\nKettunen of OUSPG.\n\n- [364065] Medium CVE-2014-1746: Out-of-bounds read in media filters.\nCredit to Holger Fuhrmannek.\n\n- [330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to\npackagesu.\n\n- [331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to\nJordan Milne.\n\n- [374649] CVE-2014-1749: Various fixes from internal audits, fuzzing\nand other initiatives.\n\n- [358057] CVE-2014-3152: Integer underflow in V8 fixed in version\n3.25.28.16.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://googlechromereleases.blogspot.nl/\"\n );\n # http://www.freebsd.org/ports/portaudit/64f3872b-e05d-11e3-9dd4-00262d5ed8ee.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9f712737\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<35.0.1916.114\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:03:52", "description": "The version of Google Chrome installed on the remote Mac OS X host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities :\n\n - Use-after-free errors exist related to 'styles' and 'SVG' handling. (CVE-2014-1743, CVE-2014-1745)\n\n - An integer overflow error exists related to audio handling. (CVE-2014-1744)\n\n - An out-of-bounds read error exists related to media filters. (CVE-2014-1746)\n\n - A user-input validation error exists related to handling local MHTML files. (CVE-2014-1747)\n\n - An unspecified error exists related to the scrollbar that could allow UI spoofing. (CVE-2014-1748)\n\n - Various unspecified errors. (CVE-2014-1749)\n\n - An integer underflow error exists related to the V8 JavaScript engine. (CVE-2014-3152)\n\n - An error exists related to the 'Blink' 'SpeechInput' feature that could allow click-jacking and information disclosure. (CVE-2014-3803)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-21T00:00:00", "type": "nessus", "title": "Google Chrome < 35.0.1916.114 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-3152", "CVE-2014-3803"], "modified": "2019-11-26T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_35_0_1916_114.NASL", "href": "https://www.tenable.com/plugins/nessus/74123", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74123);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\n \"CVE-2014-1743\",\n \"CVE-2014-1744\",\n \"CVE-2014-1745\",\n \"CVE-2014-1746\",\n \"CVE-2014-1747\",\n \"CVE-2014-1748\",\n \"CVE-2014-1749\",\n \"CVE-2014-3152\",\n \"CVE-2014-3803\"\n );\n script_bugtraq_id(67517, 67582);\n\n script_name(english:\"Google Chrome < 35.0.1916.114 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\na version prior to 35.0.1916.114. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - Use-after-free errors exist related to 'styles' and\n 'SVG' handling. (CVE-2014-1743, CVE-2014-1745)\n\n - An integer overflow error exists related to audio\n handling. (CVE-2014-1744)\n\n - An out-of-bounds read error exists related to media\n filters. (CVE-2014-1746)\n\n - A user-input validation error exists related to\n handling local MHTML files. (CVE-2014-1747)\n\n - An unspecified error exists related to the scrollbar\n that could allow UI spoofing. (CVE-2014-1748)\n\n - Various unspecified errors. (CVE-2014-1749)\n\n - An integer underflow error exists related to the V8\n JavaScript engine. (CVE-2014-3152)\n\n - An error exists related to the 'Blink' 'SpeechInput'\n feature that could allow click-jacking and information\n disclosure. (CVE-2014-3803)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2da726ba\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 35.0.1916.114 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3152\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'35.0.1916.114', severity:SECURITY_HOLE, xss:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:03:53", "description": "The version of Google Chrome installed on the remote host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities :\n\n - Use-after-free errors exist related to 'styles' and 'SVG' handling. (CVE-2014-1743, CVE-2014-1745)\n\n - An integer overflow error exists related to audio handling. (CVE-2014-1744)\n\n - An out-of-bounds read error exists related to media filters. (CVE-2014-1746)\n\n - A user-input validation error exists related to handling local MHTML files. (CVE-2014-1747)\n\n - An unspecified error exists related to the scrollbar that could allow UI spoofing. (CVE-2014-1748)\n\n - Various unspecified errors. (CVE-2014-1749)\n\n - An integer underflow error exists related to the V8 JavaScript engine. (CVE-2014-3152)\n\n - An error exists related to the 'Blick' 'SpeechInput' feature that could allow click-jacking and information disclosure. (CVE-2014-3803)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-21T00:00:00", "type": "nessus", "title": "Google Chrome < 35.0.1916.114 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-3152", "CVE-2014-3803"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_35_0_1916_114.NASL", "href": "https://www.tenable.com/plugins/nessus/74122", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74122);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2014-1743\",\n \"CVE-2014-1744\",\n \"CVE-2014-1745\",\n \"CVE-2014-1746\",\n \"CVE-2014-1747\",\n \"CVE-2014-1748\",\n \"CVE-2014-1749\",\n \"CVE-2014-3152\",\n \"CVE-2014-3803\"\n );\n script_bugtraq_id(67517, 67582);\n\n script_name(english:\"Google Chrome < 35.0.1916.114 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is a version\nprior to 35.0.1916.114. It is, therefore, affected by the following\nvulnerabilities :\n\n - Use-after-free errors exist related to 'styles' and\n 'SVG' handling. (CVE-2014-1743, CVE-2014-1745)\n\n - An integer overflow error exists related to audio\n handling. (CVE-2014-1744)\n\n - An out-of-bounds read error exists related to media\n filters. (CVE-2014-1746)\n\n - A user-input validation error exists related to\n handling local MHTML files. (CVE-2014-1747)\n\n - An unspecified error exists related to the scrollbar\n that could allow UI spoofing. (CVE-2014-1748)\n\n - Various unspecified errors. (CVE-2014-1749)\n\n - An integer underflow error exists related to the V8\n JavaScript engine. (CVE-2014-3152)\n\n - An error exists related to the 'Blick' 'SpeechInput'\n feature that could allow click-jacking and information\n disclosure. (CVE-2014-3803)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2da726ba\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 35.0.1916.114 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3152\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'35.0.1916.114', severity:SECURITY_HOLE, xss:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:05:55", "description": "The version of Opera installed on the remote host is prior to version 22. It is, therefore, reportedly affected by multiple vulnerabilities in the bundled version of Chromium :\n\n - Use-after-free errors exist related to 'styles' and 'SVG' handling. (CVE-2014-1743, CVE-2014-1745)\n\n - An integer overflow error exists related to audio handling. (CVE-2014-1744)\n\n - An out-of-bounds read error exists related to media filters. (CVE-2014-1746)\n\n - A user-input validation error exists related to handling local MHTML files that could allow for universal cross-site scripting (UXSS) attacks.\n (CVE-2014-1747)\n\n - An unspecified error exists related to the scrollbar that could allow UI spoofing. (CVE-2014-1748)\n\n - Various unspecified errors. (CVE-2014-1749)\n\n - An integer underflow error exists related to the V8 JavaScript engine that could allow a denial of service condition. (CVE-2014-3152)\n\n - An error exists related to the 'Blick' 'SpeechInput' feature that could allow click-jacking and information disclosure. (CVE-2014-3803)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-06T00:00:00", "type": "nessus", "title": "Opera < 22 Multiple Chromium Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-3152", "CVE-2014-3803"], "modified": "2019-11-26T00:00:00", "cpe": ["cpe:/a:opera:opera_browser"], "id": "OPERA_2200.NASL", "href": "https://www.tenable.com/plugins/nessus/74362", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74362);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\n \"CVE-2014-1743\",\n \"CVE-2014-1744\",\n \"CVE-2014-1745\",\n \"CVE-2014-1746\",\n \"CVE-2014-1747\",\n \"CVE-2014-1748\",\n \"CVE-2014-1749\",\n \"CVE-2014-3152\",\n \"CVE-2014-3803\"\n );\n script_bugtraq_id(67237, 67517, 67582);\n\n script_name(english:\"Opera < 22 Multiple Chromium Vulnerabilities\");\n script_summary(english:\"Checks version number of Opera.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Opera installed on the remote host is prior to version\n22. It is, therefore, reportedly affected by multiple vulnerabilities\nin the bundled version of Chromium :\n\n - Use-after-free errors exist related to 'styles' and\n 'SVG' handling. (CVE-2014-1743, CVE-2014-1745)\n\n - An integer overflow error exists related to audio\n handling. (CVE-2014-1744)\n\n - An out-of-bounds read error exists related to media\n filters. (CVE-2014-1746)\n\n - A user-input validation error exists related to\n handling local MHTML files that could allow\n for universal cross-site scripting (UXSS) attacks.\n (CVE-2014-1747)\n\n - An unspecified error exists related to the scrollbar\n that could allow UI spoofing. (CVE-2014-1748)\n\n - Various unspecified errors. (CVE-2014-1749)\n\n - An integer underflow error exists related to the V8\n JavaScript engine that could allow a denial of service\n condition. (CVE-2014-3152)\n\n - An error exists related to the 'Blick' 'SpeechInput'\n feature that could allow click-jacking and information\n disclosure. (CVE-2014-3803)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blogs.opera.com/desktop/changelog22/\");\n # http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2da726ba\");\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20170922104144/http://www.opera.com:80/docs/changelogs/unified/2200/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Opera 22 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3152\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:opera:opera_browser\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"opera_installed.nasl\");\n script_require_keys(\"SMB/Opera/Version\", \"SMB/Opera/Path\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"SMB/Opera/Version\");\npath = get_kb_item_or_exit(\"SMB/Opera/Path\");\n\nversion_ui = get_kb_item(\"SMB/Opera/Version_UI\");\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui;\n\nif (get_kb_item(\"SMB/Opera/supported_classic_branch\")) audit(AUDIT_INST_PATH_NOT_VULN, \"Opera\", version_report, path);\n\nfixed_version = \"22.0.1471.50\";\n\n# Check if we need to display full version info in case of Alpha/Beta/RC\nmajor_minor = eregmatch(string:version, pattern:\"^([0-9]+\\.[0-9]+)\");\nif (major_minor[1] == \"22.0\")\n{\n fixed_version_report = fixed_version;\n version_report = version;\n}\nelse fixed_version_report = \"22.0\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version_report +\n '\\n Fixed version : ' + fixed_version_report +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Opera\", version_report, path);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:16", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.3.1. It is, therefore, affected by multiple vulnerabilities due to memory corruption issues in the WebKit and CoreText components. An attacker can exploit these to cause a denial of service or execute arbitrary code.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2015-10-26T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.3.1 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-6975", "CVE-2015-6992", "CVE-2015-7002", "CVE-2015-7011", "CVE-2015-7012", "CVE-2015-7013", "CVE-2015-7014", "CVE-2015-7017"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_3_1.NASL", "href": "https://www.tenable.com/plugins/nessus/86602", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86602);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-5928\",\n \"CVE-2015-5929\",\n \"CVE-2015-5930\",\n \"CVE-2015-5931\",\n \"CVE-2015-6975\",\n \"CVE-2015-6992\",\n \"CVE-2015-7002\",\n \"CVE-2015-7011\",\n \"CVE-2015-7012\",\n \"CVE-2015-7013\",\n \"CVE-2015-7014\",\n \"CVE-2015-7017\"\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-10-21-5\");\n\n script_name(english:\"Apple iTunes < 12.3.1 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.3.1. It is, therefore, affected by multiple\nvulnerabilities due to memory corruption issues in the WebKit and\nCoreText components. An attacker can exploit these to cause a denial\nof service or execute arbitrary code.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205372\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.3.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7017\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_id = 'iTunes Version';\ninstall = get_single_install(app_name:app_id, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfixed_version = \"12.3.1.23\";\nif (ver_compare(ver:version, fix:fixed_version) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:17", "description": "The version of Apple iTunes running on the remote host is prior to 12.3.1. It is, therefore, affected by multiple vulnerabilities due to memory corruption issues in the WebKit and CoreText components. An attacker can exploit these to cause a denial of service or execute arbitrary code.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2015-10-26T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.3.1 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-6975", "CVE-2015-6992", "CVE-2015-7002", "CVE-2015-7011", "CVE-2015-7012", "CVE-2015-7013", "CVE-2015-7014", "CVE-2015-7017"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_3_1_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/86603", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86603);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-5928\",\n \"CVE-2015-5929\",\n \"CVE-2015-5930\",\n \"CVE-2015-5931\",\n \"CVE-2015-6975\",\n \"CVE-2015-6992\",\n \"CVE-2015-7002\",\n \"CVE-2015-7011\",\n \"CVE-2015-7012\",\n \"CVE-2015-7013\",\n \"CVE-2015-7014\",\n \"CVE-2015-7017\"\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-10-21-5\");\n\n script_name(english:\"Apple iTunes < 12.3.1 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.3.1. It is, therefore, affected by multiple vulnerabilities due to\nmemory corruption issues in the WebKit and CoreText components. An\nattacker can exploit these to cause a denial of service or execute\narbitrary code.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205372\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.3.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7017\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.3.1.23\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:03:44", "description": "The version of Google Chrome installed on the remote host is a version prior to 35.0.1916.114 and is thus missing fixes for multiple vulnerabilities, some of which include:\n\n - Use-after-free vulnerabilities in styles and SVG that may be leveraged by a context-dependent attacker to dereference freed memory and execute arbitrary code (CVE-2014-1743, CVE-2014-1746)\n\n - Integer overflow vulnerability due to improper audio file validation, which may be leveraged by an attacker to cause a buffer overflow resulting in arbitrary code execution (CVE-2014-1744)\n\n - An out-of-bounds read issue when handling media filters, which can be leveraged to cause a crash and/or potentially disclose memory contents (CVE-2014-1746)\n\n - A universal cross-site scripting attack due to insufficient validation when handling local MHTML files (CVE-2014-1747)\n\n - A UI spoofing flaw which can be leveraged by a context-dependent attacker to paint a scroll corner larger than the iframe it is attached to, potentially allowing for clickjacking attacks (CVE-2014-1748)\n\n - An update to Google V8 engine, which in version 3.25.28.16 fixes an integer underflow vulnerability that could otherwise be leveraged for arbitrary code execution (CVE-2014-3152)\n\n - A vulnerability in Blink's 'SpeechInput' speech recongition feature, which may be exploited for information disclosure in conjunction with clickjacking; the feature has since been disabled (CVE-2014-3803)\n\n - Other miscellaneous vulnerabilities undisclosed by the vendor (CVE-2014-1749)", "cvss3": {"score": null, "vector": null}, "published": "2014-05-22T00:00:00", "type": "nessus", "title": "Google Chrome < 35.0.1916.114 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-1752", "CVE-2014-3152", "CVE-2014-3803"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "8263.PASL", "href": "https://www.tenable.com/plugins/nnm/8263", "sourceData": "Binary data 8263.pasl", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:06:41", "description": "chromium was updated to version 35.0.1916.114 to fix various security issues. Security fixes :\n\n - CVE-2014-1743: Use-after-free in styles\n\n - CVE-2014-1744: Integer overflow in audio\n\n - CVE-2014-1745: Use-after-free in SVG\n\n - CVE-2014-1746: Out-of-bounds read in media filters\n\n - CVE-2014-1747: UXSS with local MHTML file\n\n - CVE-2014-1748: UI spoofing with scrollbar\n\n - CVE-2014-1749: Various fixes from internal audits, fuzzing and other initiatives\n\n - CVE-2014-3152: Integer underflow in V8 fixed\n\n - CVE-2014-1740: Use-after-free in WebSockets\n\n - CVE-2014-1741: Integer overflow in DOM range\n\n - CVE-2014-1742: Use-after-free in editing and 17 more for which no detailed information is given.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-SU-2014:0783-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1740", "CVE-2014-1741", "CVE-2014-1742", "CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1745", "CVE-2014-1746", "CVE-2014-1747", "CVE-2014-1748", "CVE-2014-1749", "CVE-2014-3152"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromium-desktop-gnome", "p-cpe:/a:novell:opensuse:chromium-desktop-kde", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo", "p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo", "p-cpe:/a:novell:opensuse:chromium-suid-helper", "p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo", "p-cpe:/a:novell:opensuse:ninja", "p-cpe:/a:novell:opensuse:ninja-debuginfo", "p-cpe:/a:novell:opensuse:ninja-debugsource", "cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-420.NASL", "href": "https://www.tenable.com/plugins/nessus/75387", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-420.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75387);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1740\", \"CVE-2014-1741\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\");\n script_bugtraq_id(67374, 67375, 67376, 67517, 71464);\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-SU-2014:0783-1)\");\n script_summary(english:\"Check for the openSUSE-2014-420 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"chromium was updated to version 35.0.1916.114 to fix various security\nissues. Security fixes :\n\n - CVE-2014-1743: Use-after-free in styles\n\n - CVE-2014-1744: Integer overflow in audio\n\n - CVE-2014-1745: Use-after-free in SVG\n\n - CVE-2014-1746: Out-of-bounds read in media filters\n\n - CVE-2014-1747: UXSS with local MHTML file\n\n - CVE-2014-1748: UI spoofing with scrollbar\n\n - CVE-2014-1749: Various fixes from internal audits,\n fuzzing and other initiatives\n\n - CVE-2014-3152: Integer underflow in V8 fixed\n\n - CVE-2014-1740: Use-after-free in WebSockets\n\n - CVE-2014-1741: Integer overflow in DOM range\n\n - CVE-2014-1742: Use-after-free in editing and 17 more for\n which no detailed information is given.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-desktop-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-ffmpegsumo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-suid-helper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ninja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ninja-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ninja-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromedriver-debuginfo-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debuginfo-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-debugsource-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-gnome-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-desktop-kde-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-ffmpegsumo-debuginfo-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"chromium-suid-helper-debuginfo-35.0.1916.114-1.45.4\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ninja-3.0+git.20130603.0f53fd3-2.6.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ninja-debuginfo-3.0+git.20130603.0f53fd3-2.6.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ninja-debugsource-3.0+git.20130603.0f53fd3-2.6.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromedriver-debuginfo-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debuginfo-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-debugsource-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-gnome-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-desktop-kde-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-ffmpegsumo-debuginfo-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-35.0.1916.114-37.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"chromium-suid-helper-debuginfo-35.0.1916.114-37.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:13:13", "description": "The version of Apple Safari installed on the remote Mac OS X host is a version prior to 6.2.2 / 7.1.2 / 8.0.2. It is, therefore, affected by the following vulnerabilities in WebKit :\n\n - An SVG loaded in an IMG element could load a CSS file cross-origin. This can allow data exfiltration.\n (CVE-2014-4465)\n\n - A UI spoofing flaw exists in the handling of scrollbar boundaries. Visiting websites that frame malicious content can allow the UI to be spoofed. (CVE-2014-1748)\n\n - Multiple memory corruption issues exist that can lead to an unexpected application crash or potential arbitrary code execution by means of malicious website content.\n (CVE-2014-4452, CVE-2014-4459, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475)\n\nNote that the 6.2.2 / 7.1.2 / 8.0.2 Safari updates include the security content of the 6.2.1 / 7.1.1 / 8.0.1 updates. These more recent updates, however, were released to fix potential issues with the installation of the previous patch release.", "cvss3": {"score": null, "vector": null}, "published": "2014-12-16T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2014-4452", "CVE-2014-4459", "CVE-2014-4465", "CVE-2014-4466", "CVE-2014-4468", "CVE-2014-4469", "CVE-2014-4470", "CVE-2014-4471", "CVE-2014-4472", "CVE-2014-4473", "CVE-2014-4474", "CVE-2014-4475"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI8_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/80055", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80055);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-1748\",\n \"CVE-2014-4465\",\n \"CVE-2014-4466\",\n \"CVE-2014-4468\",\n \"CVE-2014-4469\",\n \"CVE-2014-4470\",\n \"CVE-2014-4471\",\n \"CVE-2014-4472\",\n \"CVE-2014-4473\",\n \"CVE-2014-4474\",\n \"CVE-2014-4475\"\n );\n script_bugtraq_id(\n 71438,\n 71439,\n 71442,\n 71444,\n 71445,\n 71449,\n 71451,\n 71459,\n 71461,\n 71462,\n 71464\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-12-3-1\");\n\n script_name(english:\"Mac OS X : Apple Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is a\nversion prior to 6.2.2 / 7.1.2 / 8.0.2. It is, therefore, affected by\nthe following vulnerabilities in WebKit :\n\n - An SVG loaded in an IMG element could load a CSS file\n cross-origin. This can allow data exfiltration.\n (CVE-2014-4465)\n\n - A UI spoofing flaw exists in the handling of scrollbar\n boundaries. Visiting websites that frame malicious\n content can allow the UI to be spoofed. (CVE-2014-1748)\n\n - Multiple memory corruption issues exist that can lead to\n an unexpected application crash or potential arbitrary\n code execution by means of malicious website content.\n (CVE-2014-4452, CVE-2014-4459, CVE-2014-4466,\n CVE-2014-4468, CVE-2014-4469, CVE-2014-4470,\n CVE-2014-4471, CVE-2014-4472, CVE-2014-4473,\n CVE-2014-4474, CVE-2014-4475)\n\nNote that the 6.2.2 / 7.1.2 / 8.0.2 Safari updates include the\nsecurity content of the 6.2.1 / 7.1.1 / 8.0.1 updates. These more\nrecent updates, however, were released to fix potential issues with\nthe installation of the previous patch release.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/en-us/HT1222\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/534148\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/en-us/HT6597\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari 6.2.2 / 7.1.2 / 8.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-4466\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.([89]|10)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8 / 10.9 / 10.10\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\n# Even though the fixes that the recent\n# patches replace are no longer availabe,\n# the older versions are checked to avoid\n# FPs in the event that the initial fix\n# is present\nif (\"10.8\" >< os)\n{\n cutoff = \"6.2.1\";\n fixed_version = \"6.2.2\";\n}\nelse if (\"10.9\" >< os)\n{\n cutoff = \"7.1.1\";\n fixed_version = \"7.1.2\";\n}\nelse\n{\n cutoff= \"8.0.1\";\n fixed_version = \"8.0.2\";\n}\n\nif (ver_compare(ver:version, fix:cutoff, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:50:21", "description": "The version of Safari installed on the remote Mac OS X host is a version prior to 6.2.2 / 7.1.2 / 8.0.2. It is, therefore, affected by the following vulnerabilities in WebKit :\n\n - A UI spoofing flaw exists in the handling of scrollbar boundaries. Visiting websites that frame malicious content can allow the UI to be spoofed. (CVE-2014-1748)\n - An SVG loaded in an IMG element could load a CSS file cross-origin. This can allow data exfiltration. (CVE-2014-4465)\n\n - Multiple memory corruption errors exist in WebKit that could potentially be leveraged for arbitrary code execution. (CVE-2014-4452, CVE-2014-4459, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475)\n\nNote that the 6.2.2 / 7.1.2 / 8.0.2 Safari updates include the security content of the 6.2.1 / 7.1.1 / 8.0.1 updates. These more recent updates, however, were released to fix potential issues with the installation of the previous patch release.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2015-01-27T00:00:00", "type": "nessus", "title": "Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1748", "CVE-2014-4452", "CVE-2014-4459", "CVE-2014-4465", "CVE-2014-4466", "CVE-2014-4468", "CVE-2014-4469", "CVE-2014-4470", "CVE-2014-4471", "CVE-2014-4472", "CVE-2014-4473", "CVE-2014-4474", "CVE-2014-4475"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8590.PRM", "href": "https://www.tenable.com/plugins/nnm/8590", "sourceData": "Binary data 8590.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:06", "description": "The remote host is running a version of iOS that is prior to version 9.0 and the following components contain vulnerabilities :\n\n - Apple Pay \n - AppleKeyStore \n - Application Store \n - Audio \n - Certificate Trust Policy \n - CFNetwork \n - CFNetwork Cookies \n - CFNetwork FTPProtocol \n - CFNetwork Proxies \n - CFNetwork SSL \n - CoreAnimation \n - CoreCrypto \n - CoreText \n - Data Detectors Engine \n - Dev Tools \n - Disk Images \n - dyld \n - Game Center \n - ICU \n - IOAcceleratorFamily \n - IOHIDFamily \n - IOKit \n - IOMobileFrameBuffer \n - IOStorageFamily \n - iTunes Store \n - JavaScriptCore \n - Kernel \n - libc \n - libpthread \n - Mail \n - Multipeer Connectivity \n - NetworkExtension \n - OpenSSL \n - PluginKit \n - removefile \n - Safari \n - Safari Safe Browsing \n - Security \n - Siri \n - SpringBoard \n - SQLite \n - tidy \n - WebKit \n - WebKit Canvas \n - WebKit Page Loading", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-10-15T00:00:00", "type": "nessus", "title": "Apple iOS < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8146", "CVE-2014-8147", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-5748", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5827", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5820", "CVE-2015-5906", "CVE-2015-5907", "CVE-2015-5826", "CVE-2015-5825", "CVE-2015-5921", "CVE-2015-5916", "CVE-2015-5850", "CVE-2015-5856", "CVE-2015-5862", "CVE-2015-5898", "CVE-2015-5885", "CVE-2015-3801", "CVE-2015-5912", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5841", "CVE-2015-5824", "CVE-2015-5880", "CVE-2015-5829", "CVE-2015-5876", "CVE-2015-5839", "CVE-2015-5847", "CVE-2015-5855", "CVE-2015-5834", "CVE-2015-5848", "CVE-2015-5867", "CVE-2015-5844", "CVE-2015-5845", "CVE-2015-5846", "CVE-2015-5843", "CVE-2015-5863", "CVE-2015-5832", "CVE-2015-5816", "CVE-2015-5823", "CVE-2015-5868", "CVE-2015-5896", "CVE-2015-5903", "CVE-2015-5882", "CVE-2015-5879", "CVE-2015-5869", "CVE-2015-5842", "CVE-2015-5899", "CVE-2015-5857", "CVE-2015-5851", "CVE-2015-5831", "CVE-2015-5837", "CVE-2015-5840", "CVE-2015-5904", "CVE-2015-5905", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5835", "CVE-2015-5892", "CVE-2015-5861", "CVE-2015-5838", "CVE-2015-1129", "CVE-2015-5874", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5803", "CVE-2015-5802", "CVE-2015-5800", "CVE-2015-5799", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5814", "CVE-2015-5813", "CVE-2013-3951", "CVE-2015-5922", "CVE-2014-8611"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "8979.PRM", "href": "https://www.tenable.com/plugins/nnm/8979", "sourceData": "Binary data 8979.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-21T17:18:13", "description": "The mobile device is running a version of iOS prior to version 9.0. It is, therefore, affected by vulnerabilities in the following components :\n\n - Apple Pay\n - AppleKeyStore\n - Application Store\n - Audio\n - Certificate Trust Policy\n - CFNetwork\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CommonCrypto \n - CoreAnimation\n - CoreCrypto\n - CoreText\n - Data Detectors Engine\n - Dev Tools\n - Disk Images\n - dyld\n - Game Center\n - ICU\n - IOAcceleratorFamily\n - IOHIDFamily\n - IOKit\n - IOMobileFrameBuffer\n - IOStorageFamily\n - iTunes Store\n - JavaScriptCore\n - Kernel\n - libc\n - libpthread\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - OpenSSL\n - PluginKit\n - removefile\n - Safari\n - Safari Safe Browsing\n - Security\n - Siri\n - SpringBoard\n - SQLite\n - tidy\n - WebKit\n - WebKit Canvas\n - WebKit Page Loading", "cvss3": {"score": null, "vector": null}, "published": "2015-09-17T00:00:00", "type": "nessus", "title": "Apple iOS < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3951", "CVE-2014-8146", "CVE-2014-8611", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1129", "CVE-2015-1205", "CVE-2015-3801", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5748", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5829", "CVE-2015-5831", "CVE-2015-5832", "CVE-2015-5834", "CVE-2015-5835", "CVE-2015-5837", "CVE-2015-5838", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5843", "CVE-2015-5844", "CVE-2015-5845", "CVE-2015-5846", "CVE-2015-5847", "CVE-2015-5848", "CVE-2015-5850", "CVE-2015-5851", "CVE-2015-5855", "CVE-2015-5856", "CVE-2015-5857", "CVE-2015-5858", "CVE-2015-5859", "CVE-2015-5860", "CVE-2015-5861", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5874", "CVE-2015-5876", "CVE-2015-5879", "CVE-2015-5880", "CVE-2015-5882", "CVE-2015-5885", "CVE-2015-5892", "CVE-2015-5895", "CVE-2015-5896", "CVE-2015-5898", "CVE-2015-5899", "CVE-2015-5903", "CVE-2015-5904", "CVE-2015-5905", "CVE-2015-5906", "CVE-2015-5907", "CVE-2015-5912", "CVE-2015-5916", "CVE-2015-5921"], "modified": "2022-07-19T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_90_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/85987", "sourceData": "Binary data apple_ios_90_check.nbin", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:52:07", "description": "The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.5. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - apache\n - apache_mod_php\n - Apple ID OD Plug-in\n - AppleGraphicsControl\n - Bluetooth\n - bootp\n - CloudKit\n - CoreMedia Playback\n - CoreText\n - curl\n - Data Detectors Engine\n - Date & Time pref pane\n - Dictionary Application\n - DiskImages\n - dyld\n - FontParser\n - groff\n - ImageIO\n - Install Framework Legacy\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - Kernel\n - Libc\n - Libinfo\n - libpthread\n - libxml2\n - libxpc\n - mail_cmds\n - Notification Center OSX\n - ntfs\n - OpenSSH\n - OpenSSL\n - perl\n - PostgreSQL\n - python\n - QL Office\n - Quartz Composer Framework\n - Quick Look\n - QuickTime 7\n - SceneKit\n - Security\n - SMBClient\n - Speech UI\n - sudo\n - tcpdump\n - Text Formats\n - udf \n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": null, "vector": null}, "published": "2015-08-17T00:00:00", "type": "nessus", "title": "Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5044", "CVE-2009-5078", "CVE-2012-6685", "CVE-2013-1775", "CVE-2013-1776", "CVE-2013-2776", "CVE-2013-2777", "CVE-2013-7040", "CVE-2013-7338", "CVE-2013-7422", "CVE-2014-0067", "CVE-2014-0106", "CVE-2014-0191", "CVE-2014-1912", "CVE-2014-3581", "CVE-2014-3583", "CVE-2014-3613", "CVE-2014-3620", "CVE-2014-3660", "CVE-2014-3707", "CVE-2014-7185", "CVE-2014-7844", "CVE-2014-8109", "CVE-2014-8150", "CVE-2014-8151", "CVE-2014-8161", "CVE-2014-8767", "CVE-2014-8769", "CVE-2014-9140", "CVE-2014-9365", "CVE-2014-9680", "CVE-2015-0228", "CVE-2015-0241", "CVE-2015-0242", "CVE-2015-0243", "CVE-2015-0244", "CVE-2015-0253", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3143", "CVE-2015-3144", "CVE-2015-3145", "CVE-2015-3148", "CVE-2015-3153", "CVE-2015-3183", "CVE-2015-3185", "CVE-2015-3307", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3729", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3752", "CVE-2015-3753", "CVE-2015-3754", "CVE-2015-3755", "CVE-2015-3757", "CVE-2015-3760", "CVE-2015-3761", "CVE-2015-3762", "CVE-2015-3764", "CVE-2015-3765", "CVE-2015-3766", "CVE-2015-3767", "CVE-2015-3768", "CVE-2015-3769", "CVE-2015-3770", "CVE-2015-3771", "CVE-2015-3772", "CVE-2015-3773", "CVE-2015-3774", "CVE-2015-3775", "CVE-2015-3776", "CVE-2015-3777", "CVE-2015-3778", "CVE-2015-3779", "CVE-2015-3780", "CVE-2015-3781", "CVE-2015-3782", "CVE-2015-3783", "CVE-2015-3784", "CVE-2015-3786", "CVE-2015-3787", "CVE-2015-3788", "CVE-2015-3789", "CVE-2015-3790", "CVE-2015-3791", "CVE-2015-3792", "CVE-2015-3794", "CVE-2015-3795", "CVE-2015-3796", "CVE-2015-3797", "CVE-2015-3798", "CVE-2015-3799", "CVE-2015-3800", "CVE-2015-3802", "CVE-2015-3803", "CVE-2015-3804", "CVE-2015-3805", "CVE-2015-3806", "CVE-2015-3807", "CVE-2015-4021", "CVE-2015-4022", "CVE-2015-4024", "CVE-2015-4025", "CVE-2015-4026", "CVE-2015-4147", "CVE-2015-4148", "CVE-2015-5600", "CVE-2015-5747", "CVE-2015-5748", "CVE-2015-5750", "CVE-2015-5751", "CVE-2015-5753", "CVE-2015-5754", "CVE-2015-5755", "CVE-2015-5756", "CVE-2015-5757", "CVE-2015-5758", "CVE-2015-5761", "CVE-2015-5763", "CVE-2015-5768", "CVE-2015-5771", "CVE-2015-5772", "CVE-2015-5773", "CVE-2015-5774", "CVE-2015-5775", "CVE-2015-5776", "CVE-2015-5777", "CVE-2015-5778", "CVE-2015-5779", "CVE-2015-5781", "CVE-2015-5782", "CVE-2015-5783", "CVE-2015-5784"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_10_5.NASL", "href": "https://www.tenable.com/plugins/nessus/85408", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85408);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/16 12:48:31\");\n\n script_cve_id(\n \"CVE-2009-5044\",\n \"CVE-2009-5078\",\n \"CVE-2012-6685\",\n \"CVE-2013-1775\",\n \"CVE-2013-1776\",\n \"CVE-2013-2776\",\n \"CVE-2013-2777\",\n \"CVE-2013-7040\",\n \"CVE-2013-7338\",\n \"CVE-2013-7422\",\n \"CVE-2014-0067\",\n \"CVE-2014-0106\",\n \"CVE-2014-0191\",\n \"CVE-2014-1912\",\n \"CVE-2014-3581\",\n \"CVE-2014-3583\",\n \"CVE-2014-3613\",\n \"CVE-2014-3620\",\n \"CVE-2014-3660\",\n \"CVE-2014-3707\",\n \"CVE-2014-7185\",\n \"CVE-2014-7844\",\n \"CVE-2014-8109\",\n \"CVE-2014-8150\",\n \"CVE-2014-8151\",\n \"CVE-2014-8161\",\n \"CVE-2014-8767\",\n \"CVE-2014-8769\",\n \"CVE-2014-9140\",\n \"CVE-2014-9365\",\n \"CVE-2014-9680\",\n \"CVE-2015-0228\",\n \"CVE-2015-0241\",\n \"CVE-2015-0242\",\n \"CVE-2015-0243\",\n \"CVE-2015-0244\",\n \"CVE-2015-0253\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-2783\",\n \"CVE-2015-2787\",\n \"CVE-2015-3143\",\n \"CVE-2015-3144\",\n \"CVE-2015-3145\",\n \"CVE-2015-3148\",\n \"CVE-2015-3153\",\n \"CVE-2015-3183\",\n \"CVE-2015-3185\",\n \"CVE-2015-3307\",\n \"CVE-2015-3329\",\n \"CVE-2015-3330\",\n \"CVE-2015-3729\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3732\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-3750\",\n \"CVE-2015-3751\",\n \"CVE-2015-3752\",\n \"CVE-2015-3753\",\n \"CVE-2015-3754\",\n \"CVE-2015-3755\",\n \"CVE-2015-3757\",\n \"CVE-2015-3760\",\n \"CVE-2015-3761\",\n \"CVE-2015-3762\",\n \"CVE-2015-3764\",\n \"CVE-2015-3765\",\n \"CVE-2015-3766\",\n \"CVE-2015-3767\",\n \"CVE-2015-3768\",\n \"CVE-2015-3769\",\n \"CVE-2015-3770\",\n \"CVE-2015-3771\",\n \"CVE-2015-3772\",\n \"CVE-2015-3773\",\n \"CVE-2015-3774\",\n \"CVE-2015-3775\",\n \"CVE-2015-3776\",\n \"CVE-2015-3777\",\n \"CVE-2015-3778\",\n \"CVE-2015-3779\",\n \"CVE-2015-3780\",\n \"CVE-2015-3781\",\n \"CVE-2015-3782\",\n \"CVE-2015-3783\",\n \"CVE-2015-3784\",\n \"CVE-2015-3786\",\n \"CVE-2015-3787\",\n \"CVE-2015-3788\",\n \"CVE-2015-3789\",\n \"CVE-2015-3790\",\n \"CVE-2015-3791\",\n \"CVE-2015-3792\",\n \"CVE-2015-3794\",\n \"CVE-2015-3795\",\n \"CVE-2015-3796\",\n \"CVE-2015-3797\",\n \"CVE-2015-3798\",\n \"CVE-2015-3799\",\n \"CVE-2015-3800\",\n \"CVE-2015-3802\",\n \"CVE-2015-3803\",\n \"CVE-2015-3804\",\n \"CVE-2015-3805\",\n \"CVE-2015-3806\",\n \"CVE-2015-3807\",\n \"CVE-2015-4021\",\n \"CVE-2015-4022\",\n \"CVE-2015-4024\",\n \"CVE-2015-4025\",\n \"CVE-2015-4026\",\n \"CVE-2015-4147\",\n \"CVE-2015-4148\",\n \"CVE-2015-5600\",\n \"CVE-2015-5747\",\n \"CVE-2015-5748\",\n \"CVE-2015-5750\",\n \"CVE-2015-5751\",\n \"CVE-2015-5753\",\n \"CVE-2015-5754\",\n \"CVE-2015-5755\",\n \"CVE-2015-5756\",\n \"CVE-2015-5757\",\n \"CVE-2015-5758\",\n \"CVE-2015-5761\",\n \"CVE-2015-5763\",\n \"CVE-2015-5768\",\n \"CVE-2015-5771\",\n \"CVE-2015-5772\",\n \"CVE-2015-5773\",\n \"CVE-2015-5774\",\n \"CVE-2015-5775\",\n \"CVE-2015-5776\",\n \"CVE-2015-5777\",\n \"CVE-2015-5778\",\n \"CVE-2015-5779\",\n \"CVE-2015-5781\",\n \"CVE-2015-5782\",\n \"CVE-2015-5783\",\n \"CVE-2015-5784\"\n );\n script_bugtraq_id(\n 36381,\n 58203,\n 58207,\n 62741,\n 64194,\n 65179,\n 65379,\n 65721,\n 65997,\n 67233,\n 69742,\n 69748,\n 70089,\n 70644,\n 70988,\n 71150,\n 71153,\n 71468,\n 71639,\n 71656,\n 71657,\n 71701,\n 71964,\n 72538,\n 72540,\n 72542,\n 72543,\n 72649,\n 72981,\n 73040,\n 73041,\n 73357,\n 73431,\n 74174,\n 74204,\n 74239,\n 74240,\n 74299,\n 74300,\n 74301,\n 74303,\n 74408,\n 74700,\n 74703,\n 74902,\n 74903,\n 74904,\n 75056,\n 75103,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161,\n 75704,\n 75963,\n 75964,\n 75965,\n 75990,\n 76337,\n 76338,\n 76339,\n 76340,\n 76341,\n 76342,\n 76343,\n 76344\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-08-13-2\");\n\n script_name(english:\"Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.10.x that is prior\nto 10.10.5. It is, therefore, affected by multiple vulnerabilities in\nthe following components :\n\n - apache\n - apache_mod_php\n - Apple ID OD Plug-in\n - AppleGraphicsControl\n - Bluetooth\n - bootp\n - CloudKit\n - CoreMedia Playback\n - CoreText\n - curl\n - Data Detectors Engine\n - Date & Time pref pane\n - Dictionary Application\n - DiskImages\n - dyld\n - FontParser\n - groff\n - ImageIO\n - Install Framework Legacy\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - Kernel\n - Libc\n - Libinfo\n - libpthread\n - libxml2\n - libxpc\n - mail_cmds\n - Notification Center OSX\n - ntfs\n - OpenSSH\n - OpenSSL\n - perl\n - PostgreSQL\n - python\n - QL Office\n - Quartz Composer Framework\n - Quick Look\n - QuickTime 7\n - SceneKit\n - Security\n - SMBClient\n - Speech UI\n - sudo\n - tcpdump\n - Text Formats\n - udf \n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205031\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.10.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\nif (!ereg(pattern:\"^10\\.10([^0-9]|$)\", string:version)) audit(AUDIT_OS_NOT, \"Mac OS X 10.10\", \"Mac OS X \"+version);\n\nfixed_version = \"10.10.5\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected since it is running Mac OS X \"+version+\".\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:07:57", "description": "A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1735, CVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in to the parent frame in some circumstances. An attacker could potentially exploit this to conduct clickjacking attacks via UI redress. (CVE-2014-1748)\n\nAn integer underflow was discovered in Blink. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3152)\n\nA use-after-free was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3154)\n\nA security issue was discovered in the SPDY implementation. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3155)\n\nA heap overflow was discovered in Chromium. If a use were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3157)\n\nIt was discovered that Blink did not enforce security rules for subresource loading in SVG images. If a user opened a site that embedded a specially crafted image, an attacker could exploit this to log page views. (CVE-2014-3160)\n\nIt was discovered that the SpeechInput feature in Blink could be activated without consent or any visible indication. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to eavesdrop on the user. (CVE-2014-3803).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-24T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : oxide-qt vulnerabilities (USN-2298-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1730", "CVE-2014-1731", "CVE-2014-1735", "CVE-2014-1740", "CVE-2014-1741", "CVE-2014-1742", "CVE-2014-1743", "CVE-2014-1744", "CVE-2014-1746", "CVE-2014-1748", "CVE-2014-3152", "CVE-2014-3154", "CVE-2014-3155", "CVE-2014-3157", "CVE-2014-3160", "CVE-2014-3162", "CVE-2014-3803"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0", "p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs", "p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2298-1.NASL", "href": "https://www.tenable.com/plugins/nessus/76756", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2298-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76756);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1735\", \"CVE-2014-1740\", \"CVE-2014-1741\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1746\", \"CVE-2014-1748\", \"CVE-2014-3152\", \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\", \"CVE-2014-3803\");\n script_bugtraq_id(67082, 67374, 67375, 67376, 67517, 67572, 67582, 67972, 67977, 67980, 68677);\n script_xref(name:\"USN\", value:\"2298-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : oxide-qt vulnerabilities (USN-2298-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A type confusion bug was discovered in V8. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash, or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash, or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered\nin Chromium. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-1735,\nCVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets\nimplementation. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit these to cause\na denial of service via application crash or execute arbitrary code\nwith the privileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData\nimplementation. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit these to cause\na denial of service via renderer crash or execute arbitrary code with\nthe privileges of the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit these to cause a denial of service via\nrenderer crash or execute arbitrary code with the privileges of the\nsandboxed render process. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash or execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were\ntricked in to opening a specially crafter website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash. (CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in\nto the parent frame in some circumstances. An attacker could\npotentially exploit this to conduct clickjacking attacks via UI\nredress. (CVE-2014-1748)\n\nAn integer underflow was discovered in Blink. If a user were tricked\nin to opening a specially crafter website, an attacker could\npotentially exploit this to cause a denial of service via renderer\ncrash or execute arbitrary code with the privileges of the sandboxed\nrender process. (CVE-2014-3152)\n\nA use-after-free was discovered in Chromium. If a use were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-3154)\n\nA security issue was discovered in the SPDY implementation. An\nattacker could potentially exploit this to cause a denial of service\nvia application crash or execute arbitrary code with the privileges of\nthe user invoking the program. (CVE-2014-3155)\n\nA heap overflow was discovered in Chromium. If a use were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash or\nexecute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-3157)\n\nIt was discovered that Blink did not enforce security rules for\nsubresource loading in SVG images. If a user opened a site that\nembedded a specially crafted image, an attacker could exploit this to\nlog page views. (CVE-2014-3160)\n\nIt was discovered that the SpeechInput feature in Blink could be\nactivated without consent or any visible indication. If a user were\ntricked in to opening a specially crafted website, an attacker could\nexploit this to eavesdrop on the user. (CVE-2014-3803).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2298-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected liboxideqtcore0, oxideqt-codecs and / or\noxideqt-codecs-extra packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liboxideqtcore0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:oxideqt-codecs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liboxideqtcore0\", pkgver:\"1.0.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs\", pkgver:\"1.0.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"oxideqt-codecs-extra\", pkgver:\"1.0.4-0ubuntu0.14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liboxideqtcore0 / oxideqt-codecs / oxideqt-codecs-extra\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-08-19T12:42:25", "description": "This update for webkit2gtk3 fixes the following issues :\n\n - Update to version 2.10.7 :\n\n + Fix the build with GTK+ < 3.16.\n\n - Changes from version 2.10.6 :\n\n + Fix a deadlock in the Web Process when JavaScript garbage collector was running for a web worker thread that made google maps to hang.\n\n + Fix media controls displaying without controls attribute.\n\n + Fix a Web Process crash when quickly attempting many DnD operations.\n\n - Changes from version 2.10.5 :\n\n + Disable DNS prefetch when a proxy is configured.\n\n + Reduce the maximum simultaneous network connections to match other browsers.\n\n + Make WebKitWebView always propagate motion-notify-event signal.\n\n + Add a way to force accelerating compositing mode at runtime using an environment variable.\n\n + Fix input elements and scrollbars rendering with GTK+ 3.19.\n\n + Fix rendering of lines when using solid colors.\n\n + Fix UI process crashes related to not having a main resource response when the load is committed for pages restored from the history cache.\n\n + Fix a WebProcess crash when loading large contents with custom URI schemes API.\n\n + Fix a crash in the UI process when the WebView is destroyed while the screensaver DBus proxy is being created.\n\n + Fix WebProcess crashes due to BadDrawable X errors in accelerated compositing mode.\n\n + Fix crashes on PPC64 due to mprotect() on address not aligned to the page size.\n\n + Fix std::bad_function_call exception raised in dispatchDecidePolicyForNavigationAction.\n\n + Fix downloads of data URLs.\n\n + Fix runtime critical warnings when closing a page containing windowed plugins.\n\n + Fix several crashes and rendering issues.\n\n + Translation updates: French, German, Italian, Turkish.\n\n + Security fixes: CVE-2015-7096, CVE-2015-7098.\n\n - Update to version 2.10.4, notable changes :\n\n + New HTTP disk cache for the Network Process.\n\n + New Web Inspector UI.\n\n + Automatic ScreenServer inhibition when playing fullscreen videos.\n\n + Initial Editor API.\n\n + Performance improvements.\n\n - This update addresses the following security issues:\n CVE-2015-1122, CVE-2015-1152, CVE-2015-1155, CVE-2015-3660, CVE-2015-3730, CVE-2015-3738, CVE-2015-3740, CVE-2015-3742, CVE-2015-3744, CVE-2015-3746, CVE-2015-3750, CVE-2015-3751, CVE-2015-3754, CVE-2015-3755, CVE-2015-5804, CVE-2015-5805, CVE-2015-5807, CVE-2015-5810, CVE-2015-5813, CVE-2015-5814, CVE-2015-5815, CVE-2015-5817, CVE-2015-5818, CVE-2015-5825, CVE-2015-5827, CVE-2015-5828, CVE-2015-5929, CVE-2015-5930, CVE-2015-5931, CVE-2015-7002, CVE-2015-7013, CVE-2015-7014, CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7102, CVE-2015-7103, CVE-2015-7104\n\n - Add BuildRequires: hyphen-devel to pick up hyphenation support. Note this is broken upstream.\n\n - Build with -DENABLE_DATABASE_PROCESS=OFF and\n\n -DENABLE_INDEXED_DATABASE=OFF to avoid an issue with GCC 4.8.", "cvss3": {"score": null, "vector": null}, "published": "2016-03-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1122", "CVE-2015-1152", "CVE-2015-1155", "CVE-2015-3660", "CVE-2015-3730", "CVE-2015-3738", "CVE-2015-3740", "CVE-2015-3742", "CVE-2015-3744", "CVE-2015-3746", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3754", "CVE-2015-3755", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5807", "CVE-2015-5810", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5825", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-7002", "CVE-2015-7013", "CVE-2015-7014", "CVE-2015-7048", "CVE-2015-7095", "CVE-2015-7096", "CVE-2015-7097", "CVE-2015-7098", "CVE-2015-7099", "CVE-2015-7100", "CVE-2015-7102", "CVE-2015-7103", "CVE-2015-7104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-340.NASL", "href": "https://www.tenable.com/plugins/nessus/89950", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-340.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89950);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1122\", \"CVE-2015-1152\", \"CVE-2015-1155\", \"CVE-2015-3660\", \"CVE-2015-3730\", \"CVE-2015-3738\", \"CVE-2015-3740\", \"CVE-2015-3742\", \"CVE-2015-3744\", \"CVE-2015-3746\", \"CVE-2015-3750\", \"CVE-2015-3751\", \"CVE-2015-3754\", \"CVE-2015-3755\", \"CVE-2015-5804\", \"CVE-2015-5805\", \"CVE-2015-5807\", \"CVE-2015-5810\", \"CVE-2015-5813\", \"CVE-2015-5814\", \"CVE-2015-5815\", \"CVE-2015-5817\", \"CVE-2015-5818\", \"CVE-2015-5825\", \"CVE-2015-5827\", \"CVE-2015-5828\", \"CVE-2015-5929\", \"CVE-2015-5930\", \"CVE-2015-5931\", \"CVE-2015-7002\", \"CVE-2015-7013\", \"CVE-2015-7014\", \"CVE-2015-7048\", \"CVE-2015-7095\", \"CVE-2015-7096\", \"CVE-2015-7097\", \"CVE-2015-7098\", \"CVE-2015-7099\", \"CVE-2015-7100\", \"CVE-2015-7102\", \"CVE-2015-7103\", \"CVE-2015-7104\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)\");\n script_summary(english:\"Check for the openSUSE-2016-340 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for webkit2gtk3 fixes the following issues :\n\n - Update to version 2.10.7 :\n\n + Fix the build with GTK+ < 3.16.\n\n - Changes from version 2.10.6 :\n\n + Fix a deadlock in the Web Process when JavaScript\n garbage collector was running for a web worker thread\n that made google maps to hang.\n\n + Fix media controls displaying without controls\n attribute.\n\n + Fix a Web Process crash when quickly attempting many DnD\n operations.\n\n - Changes from version 2.10.5 :\n\n + Disable DNS prefetch when a proxy is configured.\n\n + Reduce the maximum simultaneous network connections to\n match other browsers.\n\n + Make WebKitWebView always propagate motion-notify-event\n signal.\n\n + Add a way to force accelerating compositing mode at\n runtime using an environment variable.\n\n + Fix input elements and scrollbars rendering with GTK+\n 3.19.\n\n + Fix rendering of lines when using solid colors.\n\n + Fix UI process crashes related to not having a main\n resource response when the load is committed for pages\n restored from the history cache.\n\n + Fix a WebProcess crash when loading large contents with\n custom URI schemes API.\n\n + Fix a crash in the UI process when the WebView is\n destroyed while the screensaver DBus proxy is being\n created.\n\n + Fix WebProcess crashes due to BadDrawable X errors in\n accelerated compositing mode.\n\n + Fix crashes on PPC64 due to mprotect() on address not\n aligned to the page size.\n\n + Fix std::bad_function_call exception raised in\n dispatchDecidePolicyForNavigationAction.\n\n + Fix downloads of data URLs.\n\n + Fix runtime critical warnings when closing a page\n containing windowed plugins.\n\n + Fix several crashes and rendering issues.\n\n + Translation updates: French, German, Italian, Turkish.\n\n + Security fixes: CVE-2015-7096, CVE-2015-7098.\n\n - Update to version 2.10.4, notable changes :\n\n + New HTTP disk cache for the Network Process.\n\n + New Web Inspector UI.\n\n + Automatic ScreenServer inhibition when playing\n fullscreen videos.\n\n + Initial Editor API.\n\n + Performance improvements.\n\n - This update addresses the following security issues:\n CVE-2015-1122, CVE-2015-1152, CVE-2015-1155,\n CVE-2015-3660, CVE-2015-3730, CVE-2015-3738,\n CVE-2015-3740, CVE-2015-3742, CVE-2015-3744,\n CVE-2015-3746, CVE-2015-3750, CVE-2015-3751,\n CVE-2015-3754, CVE-2015-3755, CVE-2015-5804,\n CVE-2015-5805, CVE-2015-5807, CVE-2015-5810,\n CVE-2015-5813, CVE-2015-5814, CVE-2015-5815,\n CVE-2015-5817, CVE-2015-5818, CVE-2015-5825,\n CVE-2015-5827, CVE-2015-5828, CVE-2015-5929,\n CVE-2015-5930, CVE-2015-5931, CVE-2015-7002,\n CVE-2015-7013, CVE-2015-7014, CVE-2015-7048,\n CVE-2015-7095, CVE-2015-7097, CVE-2015-7099,\n CVE-2015-7100, CVE-2015-7102, CVE-2015-7103,\n CVE-2015-7104\n\n - Add BuildRequires: hyphen-devel to pick up hyphenation\n support. Note this is broken upstream.\n\n - Build with -DENABLE_DATABASE_PROCESS=OFF and\n\n -DENABLE_INDEXED_DATABASE=OFF to avoid an issue with GCC\n 4.8.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkit2gtk3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libjavascriptcoregtk-4_0-18-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkit2gtk-4_0-37-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libwebkit2gtk3-lang-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"typelib-1_0-WebKit2-4_0-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit-jsc-4-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit-jsc-4-debuginfo-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit2gtk-4_0-injected-bundles-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit2gtk3-debugsource-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"webkit2gtk3-devel-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-32bit-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.10.7-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-debuginfo-32bit-2.10.7-7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:50:30", "description": "Update to 2.10.4. Major new features: * New HTTP disk cache for the Network Process. * IndexedDB support. * New Web Inspector UI. * Automatic ScreenServer inhibition when playing fullscreen videos. * Initial Editor API.\n\n - Performance improvements. This update addresses the following vulnerabilities: * CVE-2015-1122 * CVE-2015-1152 * CVE-2015-1155 * CVE-2015-3660 * CVE-2015-3730 * CVE-2015-3738 * CVE-2015-3740 * CVE-2015-3742 * CVE-2015-3744 * CVE-2015-3746 * CVE-2015-3750 * CVE-2015-3751 * CVE-2015-3754 * CVE-2015-3755 * CVE-2015-5804 * CVE-2015-5805 * CVE-2015-5807 * CVE-2015-5810 * CVE-2015-5813 * CVE-2015-5814 * CVE-2015-5815 * CVE-2015-5817 * CVE-2015-5818 * CVE-2015-5825 * CVE-2015-5827 * CVE-2015-5828 * CVE-2015-5929 * CVE-2015-5930 * CVE-2015-5931 * CVE-2015-7002 * CVE-2015-7013 * CVE-2015-7014 * CVE-2015-7048 * CVE-2015-7095 * CVE-2015-7097 * CVE-2015-7099 * CVE-2015-7100 * CVE-2015-7102 * CVE-2015-7103 * CVE-2015-7104 For further information on the new features, see the [Igalia blog post](http://blogs.igalia.com/carlosgc/2015/09/21/webkit gtk-2-10/). For information on the security vulnerabilities, refer to [WebKitGTK+ Security Advisory WSA-2015-0002](http://webkitgtk.org/security/WSA-2015-00 02.html).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : webkitgtk4-2.10.4-1.fc22 (2016-d132dbb529)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1122", "CVE-2015-1152", "CVE-2015-1155", "CVE-2015-3660", "CVE-2015-3730", "CVE-2015-3738", "CVE-2015-3740", "CVE-2015-3742", "CVE-2015-3744", "CVE-2015-3746", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3754", "CVE-2015-3755", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5807", "CVE-2015-5810", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5825", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-7002", "CVE-2015-7013", "CVE-2015-7014", "CVE-2015-7048", "CVE-2015-7095", "CVE-2015-7097", "CVE-2015-7099", "CVE-2015-7100", "CVE-2015-7102", "CVE-2015-7103", "CVE-2015-7104"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkitgtk4", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-D132DBB529.NASL", "href": "https://www.tenable.com/plugins/nessus/89619", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-d132dbb529.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89619);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2016-d132dbb529\");\n\n script_name(english:\"Fedora 22 : webkitgtk4-2.10.4-1.fc22 (2016-d132dbb529)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.10.4. Major new features: * New HTTP disk cache for the\nNetwork Process. * IndexedDB support. * New Web Inspector UI. *\nAutomatic ScreenServer inhibition when playing fullscreen videos. *\nInitial Editor API.\n\n - Performance improvements. This update addresses the\n following vulnerabilities: * CVE-2015-1122 *\n CVE-2015-1152 * CVE-2015-1155 * CVE-2015-3660 *\n CVE-2015-3730 * CVE-2015-3738 * CVE-2015-3740 *\n CVE-2015-3742 * CVE-2015-3744 * CVE-2015-3746 *\n CVE-2015-3750 * CVE-2015-3751 * CVE-2015-3754 *\n CVE-2015-3755 * CVE-2015-5804 * CVE-2015-5805 *\n CVE-2015-5807 * CVE-2015-5810 * CVE-2015-5813 *\n CVE-2015-5814 * CVE-2015-5815 * CVE-2015-5817 *\n CVE-2015-5818 * CVE-2015-5825 * CVE-2015-5827 *\n CVE-2015-5828 * CVE-2015-5929 * CVE-2015-5930 *\n CVE-2015-5931 * CVE-2015-7002 * CVE-2015-7013 *\n CVE-2015-7014 * CVE-2015-7048 * CVE-2015-7095 *\n CVE-2015-7097 * CVE-2015-7099 * CVE-2015-7100 *\n CVE-2015-7102 * CVE-2015-7103 * CVE-2015-7104 For\n further information on the new features, see the [Igalia\n blog\n post](http://blogs.igalia.com/carlosgc/2015/09/21/webkit\n gtk-2-10/). For information on the security\n vulnerabilities, refer to [WebKitGTK+ Security Advisory\n WSA-2015-0002](http://webkitgtk.org/security/WSA-2015-00\n 02.html).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://blogs.igalia.com/carlosgc/2015/09/21/webkitgtk-2-10/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.igalia.com/carlosgc/2015/09/21/webkitgtk-2-10/\"\n );\n # http://webkitgtk.org/security/WSA-2015-0002.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2015-0002.html\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176536.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5712c42\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkitgtk4 package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"webkitgtk4-2.10.4-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk4\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-11T01:33:26", "description": "The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-10-05T00:00:00", "type": "nessus", "title": "Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3951", "CVE-2014-2532", "CVE-2014-3618", "CVE-2014-6277", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8080", "CVE-2014-8090", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-1855", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3785", "CVE-2015-3801", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5780", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5830", "CVE-2015-5831", "CVE-2015-5833", "CVE-2015-5836", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5847", "CVE-2015-5849", "CVE-2015-5851", "CVE-2015-5853", "CVE-2015-5854", "CVE-2015-5855", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5864", "CVE-2015-5865", "CVE-2015-5866", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5870", "CVE-2015-5871", "CVE-2015-5872", "CVE-2015-5873", "CVE-2015-5874", "CVE-2015-5875", "CVE-2015-5876", "CVE-2015-5877", "CVE-2015-5878", "CVE-2015-5879", "CVE-2015-5881", "CVE-2015-5882", "CVE-2015-5883", "CVE-2015-5884", "CVE-2015-5885", "CVE-2015-5887", "CVE-2015-5888", "CVE-2015-5889", "CVE-2015-5890", "CVE-2015-5891", "CVE-2015-5893", "CVE-2015-5894", "CVE-2015-5896", "CVE-2015-5897", "CVE-2015-5899", "CVE-2015-5900", "CVE-2015-5901", "CVE-2015-5902", "CVE-2015-5903", "CVE-2015-5912", "CVE-2015-5913", "CVE-2015-5914", "CVE-2015-5915", "CVE-2015-5917", "CVE-2015-5922", "CVE-2015-7760", "CVE-2015-7761"], "modified": "2019-06-20T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_11.NASL", "href": "https://www.tenable.com/plugins/nessus/86270", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86270);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/06/20 11:24:24\");\n\n script_cve_id(\n \"CVE-2013-3951\",\n \"CVE-2014-2532\",\n \"CVE-2014-3618\",\n \"CVE-2014-6277\",\n \"CVE-2014-7186\",\n \"CVE-2014-7187\",\n \"CVE-2014-8080\",\n \"CVE-2014-8090\",\n \"CVE-2014-8146\",\n \"CVE-2014-8147\",\n \"CVE-2014-8611\",\n \"CVE-2014-9425\",\n \"CVE-2014-9427\",\n \"CVE-2014-9652\",\n \"CVE-2014-9705\",\n \"CVE-2014-9709\",\n \"CVE-2015-0231\",\n \"CVE-2015-0232\",\n \"CVE-2015-0235\",\n \"CVE-2015-0273\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-1351\",\n \"CVE-2015-1352\",\n \"CVE-2015-1855\",\n \"CVE-2015-2301\",\n \"CVE-2015-2305\",\n \"CVE-2015-2331\",\n \"CVE-2015-2348\",\n \"CVE-2015-2783\",\n \"CVE-2015-2787\",\n \"CVE-2015-3329\",\n \"CVE-2015-3330\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3785\",\n \"CVE-2015-3801\",\n \"CVE-2015-5522\",\n \"CVE-2015-5523\",\n \"CVE-2015-5764\",\n \"CVE-2015-5765\",\n \"CVE-2015-5767\",\n \"CVE-2015-5780\",\n \"CVE-2015-5788\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5820\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5824\",\n \"CVE-2015-5825\",\n \"CVE-2015-5826\",\n \"CVE-2015-5827\",\n \"CVE-2015-5828\",\n \"CVE-2015-5830\",\n \"CVE-2015-5831\",\n \"CVE-2015-5833\",\n \"CVE-2015-5836\",\n \"CVE-2015-5839\",\n \"CVE-2015-5840\",\n \"CVE-2015-5841\",\n \"CVE-2015-5842\",\n \"CVE-2015-5847\",\n \"CVE-2015-5849\",\n \"CVE-2015-5851\",\n \"CVE-2015-5853\",\n \"CVE-2015-5854\",\n \"CVE-2015-5855\",\n \"CVE-2015-5858\",\n \"CVE-2015-5860\",\n \"CVE-2015-5862\",\n \"CVE-2015-5863\",\n \"CVE-2015-5864\",\n \"CVE-2015-5865\",\n \"CVE-2015-5866\",\n \"CVE-2015-5867\",\n \"CVE-2015-5868\",\n \"CVE-2015-5869\",\n \"CVE-2015-5870\",\n \"CVE-2015-5871\",\n \"CVE-2015-5872\",\n \"CVE-2015-5873\",\n \"CVE-2015-5874\",\n \"CVE-2015-5875\",\n \"CVE-2015-5876\",\n \"CVE-2015-5877\",\n \"CVE-2015-5878\",\n \"CVE-2015-5879\",\n \"CVE-2015-5881\",\n \"CVE-2015-5882\",\n \"CVE-2015-5883\",\n \"CVE-2015-5884\",\n \"CVE-2015-5885\",\n \"CVE-2015-5887\",\n \"CVE-2015-5888\",\n \"CVE-2015-5889\",\n \"CVE-2015-5890\",\n \"CVE-2015-5891\",\n \"CVE-2015-5893\",\n \"CVE-2015-5894\",\n \"CVE-2015-5896\",\n \"CVE-2015-5897\",\n \"CVE-2015-5899\",\n \"CVE-2015-5900\",\n \"CVE-2015-5901\",\n \"CVE-2015-5902\",\n \"CVE-2015-5903\",\n \"CVE-2015-5912\",\n \"CVE-2015-5913\",\n \"CVE-2015-5914\",\n \"CVE-2015-5915\",\n \"CVE-2015-5917\",\n \"CVE-2015-5922\",\n \"CVE-2015-7760\",\n \"CVE-2015-7761\"\n );\n script_bugtraq_id(\n 60440,\n 66355,\n 69573,\n 70152,\n 70154,\n 70165,\n 70935,\n 71230,\n 71621,\n 71800,\n 71833,\n 71929,\n 71932,\n 72325,\n 72505,\n 72539,\n 72541,\n 72611,\n 72701,\n 73031,\n 73037,\n 73225,\n 73227,\n 73306,\n 73431,\n 73434,\n 74204,\n 74228,\n 74239,\n 74240,\n 74446,\n 74457,\n 75037,\n 76763,\n 76764,\n 76765,\n 76766,\n 76908,\n 76909,\n 76910,\n 76911,\n 79707\n );\n script_xref(name:\"CERT\", value:\"967332\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-30-3\");\n\n script_name(english:\"Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)\");\n script_summary(english:\"Checks the version of Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.6.8 or\nlater but prior to 10.11. It is, therefore, affected by multiple\nvulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205267\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76b3b492\");\n # https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7a6ddbd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-6277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\nif (\n version !~ \"^10\\.6\\.([89]|[1-9][0-9]+)\" &&\n version !~ \"^10\\.([7-9]|10)\\.\"\n) audit(AUDIT_OS_NOT, \"Mac OS X 10.6.8 or later\", \"Mac OS X \"+version);\n\nfixed_version = \"10.11\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected since it is running Mac OS X \"+version+\".\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:41:36", "description": "The remote host is running a version of iOS that is prior to version 9.1 and the following components contain vulnerabilities :\n\n - Accelerate Framework (CVE-2015-5940)\n - Bom CVE-2015-7006)\n - CFNetwork (CVE-2015-7023)\n - configd (CVE-2015-7015)\n - CoreGraphics (CVE-2015-5925, CVE-2015-5926)\n - CoreText (CVE-2015-6975, CVE-2015-6992, CVE-2015-7017)\n - Disk Images (CVE-2015-6995)\n - FontParser (CVE-2015-5927, CVE-2015-5942, CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, CVE-2015-7018)\n - GasGauge (CVE-2015-6979)\n - Grand Central Dispatch (CVE-2015-6989)\n - Graphics Driver (CVE-2015-6986)\n - ImageIO (CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5939)\n - IOAcceleratorFamily (CVE-2015-6996)\n - IOHIDFamily (CVE-2015-6974)\n - Kernel (CVE-2015-7004, CVE-2015-6988, CVE-2015-6994)\n - Notification Center (CVE-2015-7000)\n - OpenGL (CVE-2015-5924)\n - Security (CVE-2015-6983, CVE-2015-6999, CVE-2015-6997)\n - Telephony (CVE-2015-7022)\n - WebKit (CVE-2015-5928, CVE-2015-5929, CVE-2015-5930, CVE-2015-6981, CVE-2015-6982, CVE-2015-7002, CVE-2015-7005, CVE-2015-7012, CVE-2015-7014)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-05-26T00:00:00", "type": "nessus", "title": "Apple iOS < 9.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-7002", "CVE-2015-7012", "CVE-2015-7014", "CVE-2015-6981", "CVE-2015-6982", "CVE-2015-7005", "CVE-2015-6996", "CVE-2015-6975", "CVE-2015-6992", "CVE-2015-7017", "CVE-2015-7006", "CVE-2015-7015", "CVE-2015-5925", "CVE-2015-5926", "CVE-2015-5927", "CVE-2015-5942", "CVE-2015-6989", "CVE-2015-5935", "CVE-2015-5936", "CVE-2015-5937", "CVE-2015-5939", "CVE-2015-6974", "CVE-2015-6979", "CVE-2015-6986", "CVE-2015-7004", "CVE-2015-7000", "CVE-2015-6999", "CVE-2015-6997", "CVE-2015-7022", "CVE-2015-6995", "CVE-2015-7010", "CVE-2015-5924", "CVE-2015-7009", "CVE-2015-5940", "CVE-2015-7023", "CVE-2015-6976", "CVE-2015-6977", "CVE-2015-6978", "CVE-2015-6990", "CVE-2015-6991", "CVE-2015-6993", "CVE-2015-7008", "CVE-2015-7018", "CVE-2015-6994", "CVE-2015-6988", "CVE-2015-6983"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "9328.PRM", "href": "https://www.tenable.com/plugins/nnm/9328", "sourceData": "Binary data 9328.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-21T17:18:51", "description": "The mobile device is running a version of iOS prior to version 9.1. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Accelerate Framework (CVE-2015-5940)\n\n - Bom CVE-2015-7006)\n\n - CFNetwork (CVE-2015-7023)\n\n - configd (CVE-2015-7015)\n\n - CoreGraphics (CVE-2015-5925, CVE-2015-5926)\n\n - CoreText (CVE-2015-6975, CVE-2015-6992, CVE-2015-7017)\n\n - Disk Images (CVE-2015-6995)\n\n - FontParser (CVE-2015-5927, CVE-2015-5942, CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, CVE-2015-7018)\n\n - GasGauge (CVE-2015-6979)\n\n - Grand Central Dispatch (CVE-2015-6989)\n\n - Graphics Driver (CVE-2015-6986)\n\n - ImageIO (CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5939)\n\n - IOAcceleratorFamily (CVE-2015-6996)\n\n - IOHIDFamily (CVE-2015-6974)\n\n - Kernel (CVE-2015-7004, CVE-2015-6988, CVE-2015-6994)\n\n - Notification Center (CVE-2015-7000)\n\n - OpenGL (CVE-2015-5924)\n\n - Security (CVE-2015-6983, CVE-2015-6999, CVE-2015-6997)\n\n - Telephony (CVE-2015-7022)\n\n - WebKit (CVE-2015-5928, CVE-2015-5929, CVE-2015-5930, CVE-2015-6981, CVE-2015-6982, CVE-2015-7002, CVE-2015-7005, CVE-2015-7012, CVE-2015-7014)", "cvss3": {"score": null, "vector": null}, "published": "2015-10-23T00:00:00", "type": "nessus", "title": "Apple iOS < 9.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5924", "CVE-2015-5925", "CVE-2015-5926", "CVE-2015-5927", "CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5935", "CVE-2015-5936", "CVE-2015-5937", "CVE-2015-5939", "CVE-2015-5940", "CVE-2015-5942", "CVE-2015-6974", "CVE-2015-6975", "CVE-2015-6976", "CVE-2015-6977", "CVE-2015-6978", "CVE-2015-6979", "CVE-2015-6981", "CVE-2015-6982", "CVE-2015-6983", "CVE-2015-6986", "CVE-2015-6988", "CVE-2015-6989", "CVE-2015-6990", "CVE-2015-6991", "CVE-2015-6992", "CVE-2015-6993", "CVE-2015-6994", "CVE-2015-6995", "CVE-2015-6996", "CVE-2015-6997", "CVE-2015-6999", "CVE-2015-7000", "CVE-2015-7002", "CVE-2015-7004", "CVE-2015-7005", "CVE-2015-7006", "CVE-2015-7008", "CVE-2015-7009", "CVE-2015-7010", "CVE-2015-7012", "CVE-2015-7014", "CVE-2015-7015", "CVE-2015-7017", "CVE-2015-7018", "CVE-2015-7022", "CVE-2015-7023"], "modified": "2022-07-19T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_91_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/86571", "sourceData": "Binary data apple_ios_91_check.nbin", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:35:10", "description": "Mageia Linux Local Security Checks mgasa-2016-0120", "cvss3": {}, "published": "2016-03-31T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0120", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-5788", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-1122", "CVE-2015-5794", "CVE-2015-1071", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-1076", "CVE-2015-3727", "CVE-2015-1120", "CVE-2015-3749", "CVE-2015-1155", "CVE-2015-3748", "CVE-2015-3658", "CVE-2015-1083", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5928", "CVE-2015-3659", "CVE-2015-5822", "CVE-2015-1081", "CVE-2015-5809", "CVE-2014-1748"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131278", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131278", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0120.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131278\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-31 08:05:03 +0300 (Thu, 31 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0120\");\n script_tag(name:\"insight\", value:\"The webkit package has been updated to version 2.4.10, fixing several security issues and other bugs.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0120.html\");\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\", \"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\", \"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\", \"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0120\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"webkit\", rpm:\"webkit~2.4.10~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for webkitgtk USN-2937-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-5788", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-1122", "CVE-2015-5794", "CVE-2015-1071", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-1076", "CVE-2015-3727", "CVE-2015-1120", "CVE-2015-3749", "CVE-2015-1155", "CVE-2015-3748", "CVE-2015-3658", "CVE-2015-1083", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5928", "CVE-2015-3659", "CVE-2015-5822", "CVE-2015-1081", "CVE-2015-5809", "CVE-2014-1748"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842701", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842701", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for webkitgtk USN-2937-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842701\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-22 06:13:01 +0100 (Tue, 22 Mar 2016)\");\n script_cve_id(\"CVE-2014-1748\", \"CVE-2015-1071\", \"CVE-2015-1076\", \"CVE-2015-1081\",\n\t\t\"CVE-2015-1083\", \"CVE-2015-1120\", \"CVE-2015-1122\", \"CVE-2015-1127\",\n\t\t\"CVE-2015-1153\", \"CVE-2015-1155\", \"CVE-2015-3658\", \"CVE-2015-3659\",\n\t\t\"CVE-2015-3727\", \"CVE-2015-3731\", \"CVE-2015-3741\", \"CVE-2015-3743\",\n\t\t\"CVE-2015-3745\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\",\n\t\t\"CVE-2015-3752\", \"CVE-2015-5788\", \"CVE-2015-5794\", \"CVE-2015-5801\",\n\t\t\"CVE-2015-5809\", \"CVE-2015-5822\", \"CVE-2015-5928\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for webkitgtk USN-2937-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkitgtk'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A large number of security issues were\n discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked\n into viewing a malicious website, a remote attacker could exploit a variety of\n issues related to web browser security, including cross-site scripting attacks,\n denial of service attacks, and arbitrary code execution.\");\n script_tag(name:\"affected\", value:\"webkitgtk on Ubuntu 15.10,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2937-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2937-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-1.0-0:i386\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-1.0-0:amd64\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-3.0-0:i386\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-3.0-0:amd64\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-1.0-0:i386\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-1.0-0:amd64\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-3.0-0:i386\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-3.0-0:amd64\", ver:\"2.4.10-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-1.0-0:i386\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-1.0-0:amd64\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-3.0-0:i386\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-3.0-0:amd64\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-1.0-0:i386\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-1.0-0:amd64\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-3.0-0:i386\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkitgtk-3.0-0:amd64\", ver:\"2.4.10-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-04-11T00:00:00", "type": "openvas", "title": "Fedora Update for webkitgtk FEDORA-2016-9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-5788", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-1122", "CVE-2015-5794", "CVE-2015-1071", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-1076", "CVE-2015-3727", "CVE-2015-1120", "CVE-2015-3749", "CVE-2015-1155", "CVE-2015-3748", "CVE-2015-3658", "CVE-2015-1083", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5928", "CVE-2015-3659", "CVE-2015-5822", "CVE-2015-1081", "CVE-2015-5809", "CVE-2014-1748"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310807742", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807742", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for webkitgtk FEDORA-2016-9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807742\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-11 12:47:18 +0530 (Mon, 11 Apr 2016)\");\n script_cve_id(\"CVE-2015-1120\", \"CVE-2015-1076\", \"CVE-2015-1071\", \"CVE-2015-1081\",\n \"CVE-2015-1122\", \"CVE-2015-1155\", \"CVE-2014-1748\", \"CVE-2015-3752\",\n \"CVE-2015-5809\", \"CVE-2015-5928\", \"CVE-2015-3749\", \"CVE-2015-3659\",\n \"CVE-2015-3748\", \"CVE-2015-3743\", \"CVE-2015-3731\", \"CVE-2015-3745\",\n \"CVE-2015-5822\", \"CVE-2015-3658\", \"CVE-2015-3741\", \"CVE-2015-3727\",\n \"CVE-2015-5801\", \"CVE-2015-5788\", \"CVE-2015-3747\", \"CVE-2015-5794\",\n \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1083\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for webkitgtk FEDORA-2016-9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkitgtk'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"webkitgtk on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-March/180485.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"webkitgtk\", rpm:\"webkitgtk~2.4.10~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-23T00:00:00", "type": "openvas", "title": "Fedora Update for webkitgtk FEDORA-2016-5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-5788", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-1122", "CVE-2015-5794", "CVE-2015-1071", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-1076", "CVE-2015-3727", "CVE-2015-1120", "CVE-2015-3749", "CVE-2015-1155", "CVE-2015-3748", "CVE-2015-3658", "CVE-2015-1083", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5928", "CVE-2015-3659", "CVE-2015-5822", "CVE-2015-1081", "CVE-2015-5809", "CVE-2014-1748"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310807724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807724", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for webkitgtk FEDORA-2016-5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807724\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-23 06:16:15 +0100 (Wed, 23 Mar 2016)\");\n script_cve_id(\"CVE-2015-1120\", \"CVE-2015-1076\", \"CVE-2015-1071\", \"CVE-2015-1081\",\n \"CVE-2015-1122\", \"CVE-2015-1155\", \"CVE-2014-1748\", \"CVE-2015-3752\",\n \"CVE-2015-5809\", \"CVE-2015-5928\", \"CVE-2015-3749\", \"CVE-2015-3659\",\n \"CVE-2015-3748\", \"CVE-2015-3743\", \"CVE-2015-3731\", \"CVE-2015-3745\",\n \"CVE-2015-5822\", \"CVE-2015-3658\", \"CVE-2015-3741\", \"CVE-2015-3727\",\n \"CVE-2015-5801\", \"CVE-2015-5788\", \"CVE-2015-3747\", \"CVE-2015-5794\",\n \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1083\");\n\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for webkitgtk FEDORA-2016-5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkitgtk'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"webkitgtk on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179225.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"webkitgtk\", rpm:\"webkitgtk~2.4.10~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-21T00:00:00", "type": "openvas", "title": "Fedora Update for webkitgtk3 FEDORA-2016-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-5788", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-1122", "CVE-2015-5794", "CVE-2015-1071", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-1076", "CVE-2015-3727", "CVE-2015-1120", "CVE-2015-3749", "CVE-2015-1155", "CVE-2015-3748", "CVE-2015-3658", "CVE-2015-1083", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5928", "CVE-2015-3659", "CVE-2015-5822", "CVE-2015-1081", "CVE-2015-5809", "CVE-2014-1748"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310807720", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807720", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for webkitgtk3 FEDORA-2016-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807720\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-21 07:26:15 +0100 (Mon, 21 Mar 2016)\");\n script_cve_id(\"CVE-2015-1120\", \"CVE-2015-1076\", \"CVE-2015-1071\", \"CVE-2015-1081\",\n \"CVE-2015-1122\", \"CVE-2015-1155\", \"CVE-2014-1748\", \"CVE-2015-3752\",\n \"CVE-2015-5809\", \"CVE-2015-5928\", \"CVE-2015-3749\", \"CVE-2015-3659\",\n \"CVE-2015-3748\", \"CVE-2015-3743\", \"CVE-2015-3731\", \"CVE-2015-3745\",\n \"CVE-2015-5822\", \"CVE-2015-3658\", \"CVE-2015-3741\", \"CVE-2015-3727\",\n \"CVE-2015-5801\", \"CVE-2015-5788\", \"CVE-2015-3747\", \"CVE-2015-5794\",\n \"CVE-2015-1127\", \"CVE-2015-1153\", \"CVE-2015-1083\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for webkitgtk3 FEDORA-2016-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkitgtk3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"webkitgtk3 on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-March/179133.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"webkitgtk3\", rpm:\"webkitgtk3~2.4.10~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-17T14:26:33", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-07-08T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities-01 July15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3660", "CVE-2015-3727", "CVE-2015-3658", "CVE-2015-3659"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310805675", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities-01 July15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805675\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2015-3727\", \"CVE-2015-3660\", \"CVE-2015-3659\", \"CVE-2015-3658\");\n script_bugtraq_id(75492, 75494);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-07-08 15:01:56 +0530 (Wed, 08 Jul 2015)\");\n script_name(\"Apple Safari Multiple Vulnerabilities-01 July15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An error in WebKit that does not properly restrict rename operations\n on WebSQL tables.\n\n - An error in the PDF functionality in WebKit.\n\n - An error in SQLite authorizer in the Storage functionality in WebKit\n that does not properly restrict access to SQL functions.\n\n - An error in Page Loading functionality in WebKit that does not properly\n consider redirects during decisions about sending an Origin header.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n remote attackers to access an arbitrary web site's database, inject arbitrary\n web script or HTML, execute arbitrary code or cause a denial of service and\n bypass CSRF protection mechanisms.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 6.2.7, 7.x\n before 7.1.7, and 8.x before 8.0.7\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 6.2.7 or\n 7.1.7 or 8.0.7 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT204941\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Jun/msg00004.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"6.2.7\"))\n{\n fix = \"6.2.7\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"7.0\", test_version2:\"7.1.6\"))\n{\n fix = \"7.1.7\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"8.0\", test_version2:\"8.0.6\"))\n{\n fix = \"8.0.7\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-17T14:26:37", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-09-01T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities-01 Sep15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3733", "CVE-2015-3736", "CVE-2015-3754", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-3732", "CVE-2015-3738", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-3730", "CVE-2015-3750", "CVE-2015-3755", "CVE-2015-3753", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-3748", "CVE-2015-3746", "CVE-2015-3741", "CVE-2015-3751", "CVE-2015-3745", "CVE-2015-3735", "CVE-2015-3737", "CVE-2015-3729"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310805968", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805968", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities-01 Sep15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805968\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2015-3729\", \"CVE-2015-3730\", \"CVE-2015-3731\", \"CVE-2015-3732\",\n \"CVE-2015-3733\", \"CVE-2015-3734\", \"CVE-2015-3735\", \"CVE-2015-3736\",\n \"CVE-2015-3737\", \"CVE-2015-3738\", \"CVE-2015-3739\", \"CVE-2015-3740\",\n \"CVE-2015-3741\", \"CVE-2015-3742\", \"CVE-2015-3743\", \"CVE-2015-3744\",\n \"CVE-2015-3745\", \"CVE-2015-3746\", \"CVE-2015-3747\", \"CVE-2015-3748\",\n \"CVE-2015-3749\", \"CVE-2015-3750\", \"CVE-2015-3751\", \"CVE-2015-3752\",\n \"CVE-2015-3753\", \"CVE-2015-3754\", \"CVE-2015-3755\");\n script_bugtraq_id(76342, 76338, 76341, 76339, 76344);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-09-01 11:47:05 +0530 (Tue, 01 Sep 2015)\");\n script_name(\"Apple Safari Multiple Vulnerabilities-01 Sep15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists duu to,\n\n - Multiple memory corruption issues existed in WebKit.\n\n - An error existed in Content Security Policy report requests which would not\n honor HTTP Strict Transport Security.\n\n - An issue existed where websites with video controls would load images nested\n in object elements in violation of the website's Content Security Policy\n directive.\n\n - Two issues existed in how cookies were added to Content Security Policy report\n requests. Cookies were sent in cross-origin report requests in violation of the\n standard.\n\n - Images fetched through URLs that redirected to a data:image resource could have\n been exfiltrated cross-origin.\n\n - An issue existed in caching of HTTP authentication. Credentials entered in\n private browsing mode were carried over to regular browsing which would reveal\n parts of the user's private browsing history.\n\n - Navigating to a malformed URL may have allowed a malicious website to display\n an arbitrary URL.\n\n - A malicious website could open another site and prompt for user input without\n a way for the user to tell where the prompt came from.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct spoofing attack, unexpected application termination\n or arbitrary code execution, trigger plaintext requests to an origin under HTTP\n Strict Transport Security, load image out of accordance with Content Security\n Policy directive, gain access to sensitive information, exfiltrate image data\n cross-origin and reveal private browsing history.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 6.2.8, 7.x\n before 7.1.8, and 8.x before 8.0.8\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 6.2.8 or\n 7.1.8 or 8.0.8 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT205033\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"6.2.8\"))\n{\n fix = \"6.2.8\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"7.0\", test_version2:\"7.1.7\"))\n{\n fix = \"7.1.8\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"8.0\", test_version2:\"8.0.7\"))\n{\n fix = \"8.0.8\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:08", "description": "Mageia Linux Local Security Checks mgasa-2016-0116", "cvss3": {}, "published": "2016-03-31T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0116", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3733", "CVE-2015-5930", "CVE-2015-7013", "CVE-2016-1725", "CVE-2015-1072", "CVE-2015-5825", "CVE-2015-3736", "CVE-2015-3754", "CVE-2015-7097", "CVE-2015-7100", "CVE-2015-7099", "CVE-2015-7002", "CVE-2016-1728", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-7104", "CVE-2015-1127", "CVE-2015-5812", "CVE-2015-7014", "CVE-2015-5788", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-3732", "CVE-2015-1073", "CVE-2015-5805", "CVE-2015-1122", "CVE-2015-1126", "CVE-2015-5828", "CVE-2015-3738", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-5807", "CVE-2015-1071", "CVE-2015-7098", "CVE-2015-5801", "CVE-2016-1727", "CVE-2015-3743", "CVE-2015-1156", "CVE-2015-3747", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-3730", "CVE-2015-5931", "CVE-2015-7048", "CVE-2015-1068", "CVE-2015-5793", "CVE-2015-3750", "CVE-2015-5795", "CVE-2015-1076", "CVE-2015-1154", "CVE-2016-1723", "CVE-2015-1124", "CVE-2015-5929", "CVE-2015-3755", "CVE-2016-1726", "CVE-2015-3660", "CVE-2015-3753", "CVE-2015-5813", "CVE-2015-3727", "CVE-2015-1120", "CVE-2015-1070", "CVE-2015-7096", "CVE-2015-1077", "CVE-2015-3749", "CVE-2015-1155", "CVE-2015-3742", "CVE-2016-1724", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-3748", "CVE-2015-1152", "CVE-2015-3658", "CVE-2015-5815", "CVE-2015-3746", "CVE-2015-7103", "CVE-2015-7012", "CVE-2015-5810", "CVE-2015-3741", "CVE-2015-3751", "CVE-2015-1121", "CVE-2015-1082", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5823", "CVE-2015-5928", "CVE-2015-3735", "CVE-2015-3659", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-1081", "CVE-2015-1119", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-7095", "CVE-2015-7102", "CVE-2015-5804", "CVE-2015-1069", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-1075", "CVE-2015-5811", "CVE-2015-3737"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131282", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131282", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0116.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131282\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-31 08:05:06 +0300 (Thu, 31 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0116\");\n script_tag(name:\"insight\", value:\"The webkit2 package has been updated to version 2.10.9, fixing several security issues and other bugs.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0116.html\");\n script_cve_id(\"CVE-2015-1068\", \"CVE-2015-1069\", \"CVE-2015-1070\", \"CVE-2015-1071\", \"CVE-2015-1072\", \"CVE-2015-1073\", \"CVE-2015-1075\", \"CVE-2015-1076\", \"CVE-2015-1077\", \"CVE-2015-1081\", \"CVE-2015-1082\", \"CVE-2015-1119\", \"CVE-2015-1120\", \"CVE-2015-1121\", \"CVE-2015-1122\", \"CVE-2015-1124\", \"CVE-2015-1126\", \"CVE-2015-1127\", \"CVE-2015-1152\", \"CVE-2015-1153\", \"CVE-2015-1154\", \"CVE-2015-1155\", \"CVE-2015-1156\", \"CVE-2015-3658\", \"CVE-2015-3659\", \"CVE-2015-3660\", \"CVE-2015-3727\", \"CVE-2015-3730\", \"CVE-2015-3731\", \"CVE-2015-3732\", \"CVE-2015-3733\", \"CVE-2015-3734\", \"CVE-2015-3735\", \"CVE-2015-3736\", \"CVE-2015-3737\", \"CVE-2015-3738\", \"CVE-2015-3739\", \"CVE-2015-3740\", \"CVE-2015-3741\", \"CVE-2015-3742\", \"CVE-2015-3743\", \"CVE-2015-3744\", \"CVE-2015-3745\", \"CVE-2015-3746\", \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-3749\", \"CVE-2015-3750\", \"CVE-2015-3751\", \"CVE-2015-3752\", \"CVE-2015-3753\", \"CVE-2015-3754\", \"CVE-2015-3755\", \"CVE-2015-5788\", \"CVE-2015-5793\", \"CVE-2015-5794\", \"CVE-2015-5795\", \"CVE-2015-5797\", \"CVE-2015-5799\", \"CVE-2015-5800\", \"CVE-2015-5801\", \"CVE-2015-5803\", \"CVE-2015-5804\", \"CVE-2015-5805\", \"CVE-2015-5806\", \"CVE-2015-5807\", \"CVE-2015-5809\", \"CVE-2015-5810\", \"CVE-2015-5811\", \"CVE-2015-5812\", \"CVE-2015-5813\", \"CVE-2015-5814\", \"CVE-2015-5815\", \"CVE-2015-5816\", \"CVE-2015-5817\", \"CVE-2015-5818\", \"CVE-2015-5819\", \"CVE-2015-5822\", \"CVE-2015-5823\", \"CVE-2015-5825\", \"CVE-2015-5827\", \"CVE-2015-5828\", \"CVE-2015-5928\", \"CVE-2015-5929\", \"CVE-2015-5930\", \"CVE-2015-5931\", \"CVE-2015-7002\", \"CVE-2015-7012\", \"CVE-2015-7013\", \"CVE-2015-7014\", \"CVE-2015-7048\", \"CVE-2015-7095\", \"CVE-2015-7096\", \"CVE-2015-7097\", \"CVE-2015-7098\", \"CVE-2015-7099\", \"CVE-2015-7100\", \"CVE-2015-7102\", \"CVE-2015-7103\", \"CVE-2015-7104\", \"CVE-2016-1723\", \"CVE-2016-1724\", \"CVE-2016-1725\", \"CVE-2016-1726\", \"CVE-2016-1727\", \"CVE-2016-1728\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0116\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"webkit2\", rpm:\"webkit2~2.10.9~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:28:00", "description": "This host is running Apple Safari and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-05-11T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities -01 May15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1156", "CVE-2015-1154", "CVE-2015-1155", "CVE-2015-1152", "CVE-2015-1153"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310805613", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805613", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities -01 May15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805613\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2015-1156\", \"CVE-2015-1155\", \"CVE-2015-1154\", \"CVE-2015-1153\",\n \"CVE-2015-1152\");\n script_bugtraq_id(74527, 74526, 74525, 74524, 74523);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-05-11 14:59:28 +0530 (Mon, 11 May 2015)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"Apple Safari Multiple Vulnerabilities -01 May15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Safari and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - A flaw in WebKit in the handling of rel attributes in anchor elements which\n is triggered when clicking a link to visit a specially crafted web page.\n\n - A state management flaw in WebKit that is triggered as user-supplied input\n is not properly validated.\n\n - multiple flaws in WebKit that are triggered as user-supplied input is not\n properly validated.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n context-dependent attacker can potentially execute arbitrary code, can gain\n access to potentially sensitive user information from the file system, to\n spoof the user interface.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 6.2.6, 7.x\n before 7.1.6 and 8.x before 8.0.6\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 6.2.6 or\n 7.1.6 or 8.0.6 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/HT204826\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/May/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"6.2.6\"))\n{\n fix = \"6.2.6\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"7.0\", test_version2:\"7.1.5\"))\n{\n fix = \"7.1.6\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"8.0\", test_version2:\"8.0.5\"))\n{\n fix = \"8.0.6\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:07", "description": "This host is running Apple Safari and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-04-23T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities -01 Apr15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-1112", "CVE-2015-1122", "CVE-2015-1126", "CVE-2015-1124", "CVE-2015-1129", "CVE-2015-1120", "CVE-2015-1128", "CVE-2015-1121", "CVE-2015-1119"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310805467", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_mult_vuln_apr15_macosx.nasl 14319 2019-03-19 11:49:19Z cfischer $\n#\n# Apple Safari Multiple Vulnerabilities -01 Apr15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805467\");\n script_version(\"$Revision: 14319 $\");\n script_cve_id(\"CVE-2015-1112\", \"CVE-2015-1119\", \"CVE-2015-1120\", \"CVE-2015-1121\",\n \"CVE-2015-1122\", \"CVE-2015-1124\", \"CVE-2015-1126\", \"CVE-2015-1127\",\n \"CVE-2015-1128\", \"CVE-2015-1129\");\n script_bugtraq_id(73972, 73973, 73974, 73975, 73976, 73977);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:49:19 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-23 17:30:41 +0530 (Thu, 23 Apr 2015)\");\n script_name(\"Apple Safari Multiple Vulnerabilities -01 Apr15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Safari and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - a flaw in client certificate matching during SSL authentication.\n\n - a flaw in private browsing mode that is triggered when responding to push\n notification requests.\n\n - a flaw in loader/icon/IconController.cpp script in WebKit as URLs visited\n during private browsing are stored in WebpageIcons.db.\n\n - An unspecified state management issue in apple safari.\n\n - A flaw in WebKit that is triggered as user-supplied input is not properly\n validated.\n\n - A flaw in WebKit that is triggered when handling credentials for FTP URLs.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attacker to unexpectedly gain knowledge of sites visited during private\n browsing, context-dependent attacker to track a user's web traffic and gain\n access to a user's browsing history, potentially execute arbitrary code, to\n access cross-origin resources, cause a user's browser history to not be\n completely purged from history.plist.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 6.2.5, 7.x\n before 7.1.5 and 8.x before 8.0.5\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 6.2.5 or\n 7.1.5 or 8.0.5 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/en-us/HT204658\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"6.2.5\"))\n{\n fix = \"6.2.5\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"7.0\", test_version2:\"7.1.4\"))\n{\n fix = \"7.1.5\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"8.0\", test_version2:\"8.0.4\"))\n{\n fix = \"8.0.5\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:53", "description": "This host is running Apple Safari and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-03-27T00:00:00", "type": "openvas", "title": "Apple Safari 'Webkit' Multiple Vulnerabilities -01 Mar15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1072", "CVE-2015-1078", "CVE-2015-1073", "CVE-2015-1079", "CVE-2015-1071", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1070", "CVE-2015-1077", "CVE-2015-1084", "CVE-2015-1083", "CVE-2015-1082", "CVE-2015-1081", "CVE-2015-1069", "CVE-2015-1075", "CVE-2015-1080"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310805498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805498", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_safari_webkit_mult_vuln_mar15_macosx.nasl 14319 2019-03-19 11:49:19Z cfischer $\n#\n# Apple Safari 'Webkit' Multiple Vulnerabilities -01 Mar15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805498\");\n script_version(\"$Revision: 14319 $\");\n script_cve_id(\"CVE-2015-1084\", \"CVE-2015-1083\", \"CVE-2015-1082\", \"CVE-2015-1081\",\n \"CVE-2015-1080\", \"CVE-2015-1079\", \"CVE-2015-1078\", \"CVE-2015-1077\",\n \"CVE-2015-1076\", \"CVE-2015-1075\", \"CVE-2015-1074\", \"CVE-2015-1073\",\n \"CVE-2015-1072\", \"CVE-2015-1071\", \"CVE-2015-1070\", \"CVE-2015-1069\",\n \"CVE-2015-1068\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:49:19 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-27 19:04:44 +0530 (Fri, 27 Mar 2015)\");\n script_name(\"Apple Safari 'Webkit' Multiple Vulnerabilities -01 Mar15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Safari and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple errors exist due to a flaw in\n webkit that is triggered as user-supplied input is not properly validated.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to conduct denial of service attack and potentially execute\n arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 6.2.4, 7.x\n before 7.1.4 and 8.x before 8.0.4\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 6.2.4 or\n 7.1.4 or 8.0.4.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/en-us/HT204560\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"6.2.4\"))\n{\n fix = \"6.2.4\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"7.0\", test_version2:\"7.1.3\"))\n{\n fix = \"7.1.4\";\n VULN = TRUE;\n}\n\nif(version_in_range(version:safVer, test_version:\"8.0\", test_version2:\"8.0.3\"))\n{\n fix = \"8.0.4\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-03T20:54:18", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-10-01T00:00:00", "type": "openvas", "title": "Apple iTunes Multiple Vulnerabilities Sep15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3733", "CVE-2015-1157", "CVE-2015-3736", "CVE-2015-3686", "CVE-2015-5798", "CVE-2015-3688", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-5796", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-3731", "CVE-2015-3687", "CVE-2015-5805", "CVE-2015-3738", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-3730", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5789", "CVE-2015-5761", "CVE-2015-5813", "CVE-2015-5821", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-3748", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-5815", "CVE-2015-3746", "CVE-2015-5920", "CVE-2015-5755", "CVE-2015-5810", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5823", "CVE-2015-3735", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-3737", "CVE-2010-3190"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310806063", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806063", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Multiple Vulnerabilities Sep15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806063\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2015-1157\", \"CVE-2015-3686\", \"CVE-2015-3687\", \"CVE-2015-3688\",\n \"CVE-2015-5755\", \"CVE-2015-5761\", \"CVE-2015-5874\", \"CVE-2014-8146\",\n \"CVE-2015-1205\", \"CVE-2010-3190\", \"CVE-2015-1152\", \"CVE-2015-1153\",\n \"CVE-2015-3730\", \"CVE-2015-3731\", \"CVE-2015-3733\", \"CVE-2015-3734\",\n \"CVE-2015-3735\", \"CVE-2015-3736\", \"CVE-2015-3737\", \"CVE-2015-3738\",\n \"CVE-2015-3739\", \"CVE-2015-3740\", \"CVE-2015-3741\", \"CVE-2015-3742\",\n \"CVE-2015-3743\", \"CVE-2015-3744\", \"CVE-2015-3745\", \"CVE-2015-3746\",\n \"CVE-2015-3747\", \"CVE-2015-3748\", \"CVE-2015-5823\", \"CVE-2015-5920\",\n \"CVE-2015-3749\", \"CVE-2015-5789\", \"CVE-2015-5790\", \"CVE-2015-5791\",\n \"CVE-2015-5792\", \"CVE-2015-5793\", \"CVE-2015-5794\", \"CVE-2015-5795\",\n \"CVE-2015-5796\", \"CVE-2015-5797\", \"CVE-2015-5798\", \"CVE-2015-5799\",\n \"CVE-2015-5800\", \"CVE-2015-5801\", \"CVE-2015-5802\", \"CVE-2015-5803\",\n \"CVE-2015-5804\", \"CVE-2015-5805\", \"CVE-2015-5806\", \"CVE-2015-5807\",\n \"CVE-2015-5808\", \"CVE-2015-5809\", \"CVE-2015-5810\", \"CVE-2015-5811\",\n \"CVE-2015-5812\", \"CVE-2015-5813\", \"CVE-2015-5814\", \"CVE-2015-5815\",\n \"CVE-2015-5816\", \"CVE-2015-5817\", \"CVE-2015-5818\", \"CVE-2015-5819\",\n \"CVE-2015-5821\", \"CVE-2015-5822\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 10:34:38 +0530 (Thu, 01 Oct 2015)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities Sep15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple memory corruption issues in the processing of unicode strings.\n\n - Multiple memory corruption issues in the processing of text files.\n\n - A security issue in Microsoft Foundation Class's handling of library loading.\n\n - Multiple memory corruption issues in WebKit.\n\n - A redirection issue in the handling of certain network connections.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attacker to obtain encrypted SMB credentials, to cause unexpected application\n termination or arbitrary code execution, .\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.3 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.3 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT201222\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.3\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"12.3\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:26:38", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities-01 Oct15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5825", "CVE-2015-5798", "CVE-2015-5796", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-5788", "CVE-2015-5805", "CVE-2015-5828", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5789", "CVE-2015-5765", "CVE-2015-5780", "CVE-2015-5813", "CVE-2015-5764", "CVE-2015-5821", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-5826", "CVE-2015-5820", "CVE-2015-5815", "CVE-2015-3801", "CVE-2015-5810", "CVE-2015-5823", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-5767"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310805989", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805989", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities-01 Oct15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805989\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2015-5764\", \"CVE-2015-5765\", \"CVE-2015-5767\", \"CVE-2015-5780\",\n \"CVE-2015-5788\", \"CVE-2015-5789\", \"CVE-2015-5790\", \"CVE-2015-5791\",\n \"CVE-2015-5792\", \"CVE-2015-5793\", \"CVE-2015-5794\", \"CVE-2015-5795\",\n \"CVE-2015-5796\", \"CVE-2015-5797\", \"CVE-2015-5798\", \"CVE-2015-5799\",\n \"CVE-2015-5800\", \"CVE-2015-5801\", \"CVE-2015-5802\", \"CVE-2015-5803\",\n \"CVE-2015-5804\", \"CVE-2015-5805\", \"CVE-2015-5806\", \"CVE-2015-5807\",\n \"CVE-2015-5808\", \"CVE-2015-5809\", \"CVE-2015-5810\", \"CVE-2015-5811\",\n \"CVE-2015-5812\", \"CVE-2015-5813\", \"CVE-2015-5814\", \"CVE-2015-5815\",\n \"CVE-2015-5816\", \"CVE-2015-5817\", \"CVE-2015-5818\", \"CVE-2015-5819\",\n \"CVE-2015-5821\", \"CVE-2015-5822\", \"CVE-2015-5823\", \"CVE-2015-3801\",\n \"CVE-2015-5825\", \"CVE-2015-5820\", \"CVE-2015-5826\", \"CVE-2015-5827\",\n \"CVE-2015-5828\");\n script_bugtraq_id(76764, 76766, 76763, 76765);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 13:40:06 +0530 (Tue, 13 Oct 2015)\");\n script_name(\"Apple Safari Multiple Vulnerabilities-01 Oct15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists as,\n\n - Multiple user interface inconsistencies exists which can allow a malicious\n website to display an arbitrary URL.\n\n - A validated, user-installed Safari extension could be replaced on disk\n without prompting the user.\n\n - A race condition existed in validation of image origins.\n\n - Multiple memory corruption issues existed in WebKit.\n\n - WebKit would accept multiple cookies to be set in the 'document.cookie' API.\n\n - WebKit's Performance API could have allowed a malicious website to leak\n browsing history, network activity, and mouse movements by measuring time.\n\n - An issue existed in handling of tel://, facetime://, and facetime-audio:// URLs.\n\n - Safari allowed cross-origin stylesheets to be loaded with non-CSS MIME types\n which could be used for cross-origin data exfiltration.\n\n - An object leak issue broke the isolation boundary between origins.\n\n - The Safari plugins API did not communicate to plugins that a server-side\n redirect had happened.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct spoofing attacks, replace genuine extensions, bypass security\n restrictions, conduct denial-of-service attack, arbitrary code execution, gain\n access to sensitive information or url redirection.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 9.0\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 9.0 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT205265\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"9.0\"))\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + \"9.0\" + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:27:44", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-11-03T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities-01 Nov15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5930", "CVE-2015-7013", "CVE-2015-7002", "CVE-2015-7014", "CVE-2015-5931", "CVE-2015-5929", "CVE-2015-7012", "CVE-2015-5928", "CVE-2015-7011"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310806608", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806608", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities-01 Nov15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806608\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2015-5928\", \"CVE-2015-5929\", \"CVE-2015-5930\", \"CVE-2015-5931\",\n \"CVE-2015-7002\", \"CVE-2015-7011\", \"CVE-2015-7012\", \"CVE-2015-7013\",\n \"CVE-2015-7014\");\n script_bugtraq_id(77264, 77267);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-11-03 14:39:29 +0530 (Tue, 03 Nov 2015)\");\n script_name(\"Apple Safari Multiple Vulnerabilities-01 Nov15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to multiple\n memory corruption issues in webKit.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code on the affected system.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 9.0.1\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 9.0.1 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT205377\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"9.0.1\"))\n{\n report = 'Installed version: ' + safVer + '\\n' +\n 'Fixed version: ' + \"9.0.1\" + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-31T10:49:04", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2014-1743 \ncloudfuzzer discovered a use-after-free issue in the Blink/Webkit\ndocument object model implementation.\n\nCVE-2014-1744 \nAaron Staple discovered an integer overflow issue in audio input\nhandling.\n\nCVE-2014-1745 \nAtte Kettunen discovered a use-after-free issue in the Blink/Webkit\nscalable vector graphics implementation. \n\nCVE-2014-1746 \nHolger Fuhrmannek discovered an out-of-bounds read issue in the URL\nprotocol implementation for handling media.\n\nCVE-2014-1747 \npackagesu discovered a cross-site scripting issue involving\nmalformed MHTML files.\n\nCVE-2014-1748 \nJordan Milne discovered a user interface spoofing issue.\n\nCVE-2014-1749 \nThe Google Chrome development team discovered and fixed multiple\nissues with potential security impact.\n\nCVE-2014-3152 \nAn integer underflow issue was discovered in the v8 javascript\nlibrary.", "cvss3": {}, "published": "2014-05-31T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2939-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1747", "CVE-2014-3152", "CVE-2014-1744", "CVE-2014-1743", "CVE-2014-1746", "CVE-2014-1749", "CVE-2014-1745", "CVE-2014-1748"], "modified": "2017-07-14T00:00:00", "id": "OPENVAS:702939", "href": "http://plugins.openvas.org/nasl.php?oid=702939", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2939.nasl 6724 2017-07-14 09:57:17Z teissa $\n# Auto-generated from advisory DSA 2939-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"chromium-browser on Debian Linux\";\ntag_insight = \"Chromium is an open-source browser project that aims to build a safer, faster,\nand more stable way for all Internet users to experience the web.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 35.0.1916.114-1~deb7u2.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 35.0.1916.114-1.\n\nWe recommend that you upgrade your chromium-browser packages.\";\ntag_summary = \"Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2014-1743 \ncloudfuzzer discovered a use-after-free issue in the Blink/Webkit\ndocument object model implementation.\n\nCVE-2014-1744 \nAaron Staple discovered an integer overflow issue in audio input\nhandling.\n\nCVE-2014-1745 \nAtte Kettunen discovered a use-after-free issue in the Blink/Webkit\nscalable vector graphics implementation. \n\nCVE-2014-1746 \nHolger Fuhrmannek discovered an out-of-bounds read issue in the URL\nprotocol implementation for handling media.\n\nCVE-2014-1747 \npackagesu discovered a cross-site scripting issue involving\nmalformed MHTML files.\n\nCVE-2014-1748 \nJordan Milne discovered a user interface spoofing issue.\n\nCVE-2014-1749 \nThe Google Chrome development team discovered and fixed multiple\nissues with potential security impact.\n\nCVE-2014-3152 \nAn integer underflow issue was discovered in the v8 javascript\nlibrary.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702939);\n script_version(\"$Revision: 6724 $\");\n script_cve_id(\"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\");\n script_name(\"Debian Security Advisory DSA 2939-1 (chromium-browser - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-14 11:57:17 +0200 (Fri, 14 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-05-31 00:00:00 +0200 (Sat, 31 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2939.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:30", "description": "Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2014-1743\ncloudfuzzer discovered a use-after-free issue in the Blink/Webkit\ndocument object model implementation.\n\nCVE-2014-1744\nAaron Staple discovered an integer overflow issue in audio input\nhandling.\n\nCVE-2014-1745\nAtte Kettunen discovered a use-after-free issue in the Blink/Webkit\nscalable vector graphics implementation.\n\nCVE-2014-1746\nHolger Fuhrmannek discovered an out-of-bounds read issue in the URL\nprotocol implementation for handling media.\n\nCVE-2014-1747\npackagesu discovered a cross-site scripting issue involving\nmalformed MHTML files.\n\nCVE-2014-1748\nJordan Milne discovered a user interface spoofing issue.\n\nCVE-2014-1749\nThe Google Chrome development team discovered and fixed multiple\nissues with potential security impact.\n\nCVE-2014-3152\nAn integer underflow issue was discovered in the v8 javascript\nlibrary.", "cvss3": {}, "published": "2014-05-31T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2939-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1747", "CVE-2014-3152", "CVE-2014-1744", "CVE-2014-1743", "CVE-2014-1746", "CVE-2014-1749", "CVE-2014-1745", "CVE-2014-1748"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310702939", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702939", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2939.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2939-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702939\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\");\n script_name(\"Debian Security Advisory DSA 2939-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-31 00:00:00 +0200 (Sat, 31 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2939.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 35.0.1916.114-1~deb7u2.\n\nFor the testing distribution (jessie), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 35.0.1916.114-1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in the chromium web browser.\n\nCVE-2014-1743\ncloudfuzzer discovered a use-after-free issue in the Blink/Webkit\ndocument object model implementation.\n\nCVE-2014-1744\nAaron Staple discovered an integer overflow issue in audio input\nhandling.\n\nCVE-2014-1745\nAtte Kettunen discovered a use-after-free issue in the Blink/Webkit\nscalable vector graphics implementation.\n\nCVE-2014-1746\nHolger Fuhrmannek discovered an out-of-bounds read issue in the URL\nprotocol implementation for handling media.\n\nCVE-2014-1747\npackagesu discovered a cross-site scripting issue involving\nmalformed MHTML files.\n\nCVE-2014-1748\nJordan Milne discovered a user interface spoofing issue.\n\nCVE-2014-1749\nThe Google Chrome development team discovered and fixed multiple\nissues with potential security impact.\n\nCVE-2014-3152\nAn integer underflow issue was discovered in the v8 javascript\nlibrary.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-browser-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-dbg\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-inspector\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"35.0.1916.114-1~deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-22T17:03:50", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2014-06-04T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - 01 June14 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1747", "CVE-2014-3152", "CVE-2014-1744", "CVE-2014-1743", "CVE-2014-1746", "CVE-2014-1749", "CVE-2014-1745", "CVE-2014-1748", "CVE-2014-3803"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562310804616", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities - 01 June14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804616\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\",\n \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\",\n \"CVE-2014-3803\");\n script_bugtraq_id(67790, 67517, 67582);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-06-04 09:39:42 +0530 (Wed, 04 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 01 June14 (Windows)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n\n - A use-after-free error exists in 'StyleElement::removedFromDocument' function\nwithin core/dom/StyleElement.cpp.\n\n - An integer overflow error exists in 'AudioInputRendererHost::OnCreateStream'\nfunction in media/audio_input_renderer_host.cc.\n\n - A use-after-free error exists within SVG.\n\n - An error within media filters in 'InMemoryUrlProtocol::Read'.\n\n - An error in 'DocumentLoader::maybeCreateArchive' function related to a local\nMHTML file.\n\n - An error in 'ScrollView::paint' function related to scroll bars.\n\n - Multiple unspecified errors exist.\n\n - An integer overflow error in 'LCodeGen::PrepareKeyedOperand' function in\narm/lithium-codegen-arm.cc within v8.\n\n - Some error in speech API within Blink.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice, inject arbitrary web script or HTML, spoof the UI, enable microphone\naccess and obtain speech-recognition text and possibly have other unspecified\nimpact.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.114 on Windows.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.114 or later.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/05/stable-channel-update_20.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.114\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"35.0.1916.114\");\n security_message(port:0, data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-22T17:03:54", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2014-06-04T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - 01 June14 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1747", "CVE-2014-3152", "CVE-2014-1744", "CVE-2014-1743", "CVE-2014-1746", "CVE-2014-1749", "CVE-2014-1745", "CVE-2014-1748", "CVE-2014-3803"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562310804618", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804618", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities - 01 June14 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804618\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\",\n \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\",\n \"CVE-2014-3803\");\n script_bugtraq_id(67790, 67517, 67582);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-06-04 10:20:11 +0530 (Wed, 04 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 01 June14 (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n\n - A use-after-free error exists in 'StyleElement::removedFromDocument' function\nwithin core/dom/StyleElement.cpp.\n\n - An integer overflow error exists in 'AudioInputRendererHost::OnCreateStream'\nfunction in media/audio_input_renderer_host.cc.\n\n - A use-after-free error exists within SVG.\n\n - An error within media filters in 'InMemoryUrlProtocol::Read'.\n\n - An error in 'DocumentLoader::maybeCreateArchive' function related to a local\nMHTML file.\n\n - An error in 'ScrollView::paint' function related to scroll bars.\n\n - Multiple unspecified errors exist.\n\n - An integer overflow error in 'LCodeGen::PrepareKeyedOperand' function in\narm/lithium-codegen-arm.cc within v8.\n\n - Some error in speech API within Blink.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice, inject arbitrary web script or HTML, spoof the UI, enable microphone\naccess and obtain speech-recognition text and possibly have other unspecified\nimpact.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.114 on Linux.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.114 or later.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/05/stable-channel-update_20.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.114\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"35.0.1916.114\");\n security_message(port:0, data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-22T17:03:00", "description": "The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2014-06-04T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - 01 June14 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1747", "CVE-2014-3152", "CVE-2014-1744", "CVE-2014-1743", "CVE-2014-1746", "CVE-2014-1749", "CVE-2014-1745", "CVE-2014-1748", "CVE-2014-3803"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562310804617", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Vulnerabilities - 01 June14 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804617\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\",\n \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3152\",\n \"CVE-2014-3803\");\n script_bugtraq_id(67790, 67517, 67582);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-06-04 10:20:11 +0530 (Wed, 04 Jun 2014)\");\n script_name(\"Google Chrome Multiple Vulnerabilities - 01 June14 (Mac OS X)\");\n\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to,\n\n - A use-after-free error exists in 'StyleElement::removedFromDocument' function\nwithin core/dom/StyleElement.cpp.\n\n - An integer overflow error exists in 'AudioInputRendererHost::OnCreateStream'\nfunction in media/audio_input_renderer_host.cc.\n\n - A use-after-free error exists within SVG.\n\n - An error within media filters in 'InMemoryUrlProtocol::Read'.\n\n - An error in 'DocumentLoader::maybeCreateArchive' function related to a local\nMHTML file.\n\n - An error in 'ScrollView::paint' function related to scroll bars.\n\n - Multiple unspecified errors exist.\n\n - An integer overflow error in 'LCodeGen::PrepareKeyedOperand' function in\narm/lithium-codegen-arm.cc within v8.\n\n - Some error in speech API within Blink.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to conduct a denial of\nservice, inject arbitrary web script or HTML, spoof the UI, enable microphone\naccess and obtain speech-recognition text and possibly have other unspecified\nimpact.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 35.0.1916.114 on Mac OS X.\");\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome 35.0.1916.114 or later.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.in/2014/05/stable-channel-update_20.html\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chromeVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"35.0.1916.114\"))\n{\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"35.0.1916.114\");\n security_message(port:0, data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-03T20:54:01", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-11-03T00:00:00", "type": "openvas", "title": "Apple iTunes Multiple Vulnerabilities Nov15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5930", "CVE-2015-7013", "CVE-2015-6975", "CVE-2015-7002", "CVE-2015-7014", "CVE-2015-6992", "CVE-2015-5931", "CVE-2015-5929", "CVE-2015-7012", "CVE-2015-5928", "CVE-2015-7017", "CVE-2015-7011"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310806609", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806609", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Multiple Vulnerabilities Nov15 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806609\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2015-5928\", \"CVE-2015-5929\", \"CVE-2015-5930\", \"CVE-2015-5931\",\n \"CVE-2015-7002\", \"CVE-2015-7011\", \"CVE-2015-7012\", \"CVE-2015-7013\",\n \"CVE-2015-7014\", \"CVE-2015-6975\", \"CVE-2015-6992\", \"CVE-2015-7017\");\n script_bugtraq_id(77264, 77267, 77270);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-11-03 14:51:27 +0530 (Tue, 03 Nov 2015)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities Nov15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple memory corruption issues in WebKit.\n\n - Multiple memory corruption issues in the processing of text files.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or conduct denial-of-service condition on\n the affected system.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.3.1\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.3.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT205372\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.3.1\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"12.3.1\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for oxide-qt USN-2298-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3155", "CVE-2014-1735", "CVE-2014-3154", "CVE-2014-1742", "CVE-2014-3152", "CVE-2014-3157", "CVE-2014-1744", "CVE-2014-1743", "CVE-2014-1731", "CVE-2014-1740", "CVE-2014-1746", "CVE-2014-3162", "CVE-2014-1730", "CVE-2014-3160", "CVE-2014-1748", "CVE-2014-1741", "CVE-2014-3803"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841913", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841913", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2298_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for oxide-qt USN-2298-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841913\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:39:33 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1735\", \"CVE-2014-3162\",\n \"CVE-2014-1740\", \"CVE-2014-1741\", \"CVE-2014-1742\", \"CVE-2014-1743\",\n \"CVE-2014-1744\", \"CVE-2014-1746\", \"CVE-2014-1748\", \"CVE-2014-3152\",\n \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3157\", \"CVE-2014-3160\",\n \"CVE-2014-3803\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Ubuntu Update for oxide-qt USN-2298-1\");\n\n script_tag(name:\"affected\", value:\"oxide-qt on Ubuntu 14.04 LTS\");\n script_tag(name:\"insight\", value:\"A type confusion bug was discovered in V8. If a user were\ntricked in to opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service via renderer crash, or execute\narbitrary code with the privileges of the sandboxed render process.\n(CVE-2014-1730)\n\nA type confusion bug was discovered in Blink. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed render process. (CVE-2014-1731)\n\nMultiple security issues including memory safety bugs were discovered in\nChromium. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit these to cause a denial of service via\napplication crash or execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2014-1735, CVE-2014-3162)\n\nMultiple use-after-free issues were discovered in the WebSockets\nimplementation. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial of\nservice via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2014-1740)\n\nMultiple integer overflows were discovered in CharacterData\nimplementation. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit these to cause a denial of\nservice via renderer crash or execute arbitrary code with the privileges\nof the sandboxed render process. (CVE-2014-1741)\n\nMultiple use-after-free issues were discovered in Blink. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via renderer crash\nor execute arbitrary code with the privileges of the sandboxed render\nprocess. (CVE-2014-1742, CVE-2014-1743)\n\nAn integer overflow bug was discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash or execute arbitrary code with the privileges of the user invoking\nthe program. (CVE-2014-1744)\n\nAn out-of-bounds read was discovered in Chromium. If a user were tricked\nin to opening a specially crafter website, an attacker could potentially\nexploit this to cause a denial of service via application crash.\n(CVE-2014-1746)\n\nIt was discovered that Blink allowed scrollbar painting to extend in to\nthe parent frame in some circumstances. An attacker could potentially\nexploit ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2298-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2298-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'oxide-qt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liboxideqtcore0:i386\", ver:\"1.0.4-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs:i386\", ver:\"1.0.4-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"oxideqt-codecs-extra:i386\", ver:\"1.0.4-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:31", "description": "Gentoo Linux Local Security Checks GLSA 201408-16", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201408-16", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3171", "CVE-2014-3155", "CVE-2014-1747", "CVE-2014-3168", "CVE-2014-3176", "CVE-2014-1724", "CVE-2014-3166", "CVE-2014-1735", "CVE-2014-1729", "CVE-2014-3165", "CVE-2014-1720", "CVE-2014-3154", "CVE-2014-1742", "CVE-2014-1728", "CVE-2014-1703", "CVE-2014-1719", "CVE-2014-3157", "CVE-2014-1726", "CVE-2014-1705", "CVE-2014-1734", "CVE-2014-1733", "CVE-2014-1732", "CVE-2014-1718", "CVE-2014-1744", "CVE-2014-0538", "CVE-2014-1716", "CVE-2014-1722", "CVE-2014-1743", "CVE-2014-1731", "CVE-2014-1740", "CVE-2014-3174", "CVE-2014-3175", "CVE-2014-3173", "CVE-2014-3167", "CVE-2014-1746", "CVE-2014-1714", "CVE-2014-1749", "CVE-2014-1713", "CVE-2014-3169", "CVE-2014-1745", "CVE-2014-3172", "CVE-2014-1701", "CVE-2014-1704", "CVE-2014-3162", "CVE-2014-3170", "CVE-2014-1730", "CVE-2014-1721", "CVE-2014-3160", "CVE-2014-1725", "CVE-2014-1715", "CVE-2014-1727", "CVE-2014-1702", "CVE-2014-1723", "CVE-2014-1748", "CVE-2014-1717", "CVE-2014-3177", "CVE-2014-1741", "CVE-2014-1700", "CVE-2014-3156"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121260", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201408-16.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121260\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:47 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201408-16\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201408-16\");\n script_cve_id(\"CVE-2014-1741\", \"CVE-2014-0538\", \"CVE-2014-1700\", \"CVE-2014-1701\", \"CVE-2014-1702\", \"CVE-2014-1703\", \"CVE-2014-1704\", \"CVE-2014-1705\", \"CVE-2014-1713\", \"CVE-2014-1714\", \"CVE-2014-1715\", \"CVE-2014-1716\", \"CVE-2014-1717\", \"CVE-2014-1718\", \"CVE-2014-1719\", \"CVE-2014-1720\", \"CVE-2014-1721\", \"CVE-2014-1722\", \"CVE-2014-1723\", \"CVE-2014-1724\", \"CVE-2014-1725\", \"CVE-2014-1726\", \"CVE-2014-1727\", \"CVE-2014-1728\", \"CVE-2014-1729\", \"CVE-2014-1730\", \"CVE-2014-1731\", \"CVE-2014-1732\", \"CVE-2014-1733\", \"CVE-2014-1734\", \"CVE-2014-1735\", \"CVE-2014-1740\", \"CVE-2014-1742\", \"CVE-2014-1743\", \"CVE-2014-1744\", \"CVE-2014-1745\", \"CVE-2014-1746\", \"CVE-2014-1747\", \"CVE-2014-1748\", \"CVE-2014-1749\", \"CVE-2014-3154\", \"CVE-2014-3155\", \"CVE-2014-3156\", \"CVE-2014-3157\", \"CVE-2014-3160\", \"CVE-2014-3162\", \"CVE-2014-3165\", \"CVE-2014-3166\", \"CVE-2014-3167\", \"CVE-2014-3168\", \"CVE-2014-3169\", \"CVE-2014-3170\", \"CVE-2014-3171\", \"CVE-2014-3172\", \"CVE-2014-3173\", \"CVE-2014-3174\", \"CVE-2014-3175\", \"CVE-2014-3176\", \"CVE-2014-3177\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201408-16\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/chromium\", unaffected: make_list(\"ge 37.0.2062.94\"), vulnerable: make_list(\"lt 37.0.2062.94\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "The webkit package has been updated to version 2.4.10, fixing several security issues and other bugs. \n", "cvss3": {}, "published": "2016-03-25T06:38:37", "type": "mageia", "title": "Updated webkit packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2016-03-25T06:38:37", "id": "MGASA-2016-0120", "href": "https://advisories.mageia.org/MGASA-2016-0120.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "The webkit2 package has been updated to version 2.10.9, fixing several security issues and other bugs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-03-25T06:38:37", "type": "mageia", "title": "Updated webkit2 packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1068", "CVE-2015-1069", "CVE-2015-1070", "CVE-2015-1071", "CVE-2015-1072", "CVE-2015-1073", "CVE-2015-1075", "CVE-2015-1076", "CVE-2015-1077", "CVE-2015-1081", "CVE-2015-1082", "CVE-2015-1119", "CVE-2015-1120", "CVE-2015-1121", "CVE-2015-1122", "CVE-2015-1124", "CVE-2015-1126", "CVE-2015-1127", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1154", "CVE-2015-1155", "CVE-2015-1156", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3660", "CVE-2015-3727", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3752", "CVE-2015-3753", "CVE-2015-3754", "CVE-2015-3755", "CVE-2015-5788", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5797", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5825", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-7002", "CVE-2015-7012", "CVE-2015-7013", "CVE-2015-7014", "CVE-2015-7048", "CVE-2015-7095", "CVE-2015-7096", "CVE-2015-7097", "CVE-2015-7098", "CVE-2015-7099", "CVE-2015-7100", "CVE-2015-7102", "CVE-2015-7103", "CVE-2015-7104", "CVE-2016-1723", "CVE-2016-1724", "CVE-2016-1725", "CVE-2016-1726", "CVE-2016-1727", "CVE-2016-1728"], "modified": "2016-03-25T06:38:37", "id": "MGASA-2016-0116", "href": "https://advisories.mageia.org/MGASA-2016-0116.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. ", "cvss3": {}, "published": "2016-03-21T01:53:49", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: webkitgtk3-2.4.10-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2016-03-21T01:53:49", "id": "FEDORA:568856077DDB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NNCJREXWBYTQB3MSNSDWCNSGJUJH3FVD/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. ", "cvss3": {}, "published": "2016-03-22T19:55:11", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: webkitgtk-2.4.10-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2016-03-22T19:55:11", "id": "FEDORA:EBF24604237F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4GPMV6PPDDKFQF7WUMWRXF3KMO2RWPZI/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. ", "cvss3": {}, "published": "2016-03-27T00:38:11", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: webkitgtk-2.4.10-1.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2016-03-27T00:38:11", "id": "FEDORA:E319A6098B3F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GYHY4HBRVWQOADZTIDKDDYQFDBPAVGTG/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. ", "cvss3": {}, "published": "2016-03-29T19:23:05", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: webkitgtk-2.4.10-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1748", "CVE-2015-1071", "CVE-2015-1076", "CVE-2015-1081", "CVE-2015-1083", "CVE-2015-1120", "CVE-2015-1122", "CVE-2015-1127", "CVE-2015-1153", "CVE-2015-1155", "CVE-2015-3658", "CVE-2015-3659", "CVE-2015-3727", "CVE-2015-3731", "CVE-2015-3741", "CVE-2015-3743", "CVE-2015-3745", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3752", "CVE-2015-5788", "CVE-2015-5794", "CVE-2015-5801", "CVE-2015-5809", "CVE-2015-5822", "CVE-2015-5928"], "modified": "2016-03-29T19:23:05", "id": "FEDORA:333BF6016168", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BTS3HSSJ2VCTM63ICX3VRXJJ2ZR2SEOG/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. ", "cvss3": {}, "published": "2016-02-01T06:38:54", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: webkitgtk4-2.10.4-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1122", "CVE-2015-1152", "CVE-2015-1155", "CVE-2015-3660", "CVE-2015-3730", "CVE-2015-3738", "CVE-2015-3740", "CVE-2015-3742", "CVE-2015-3744", "CVE-2015-3746", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3754", "CVE-2015-3755", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5807", "CVE-2015-5810", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5825", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931", "CVE-2015-7002", "CVE-2015-7013", "CVE-2015-7014", "CVE-2015-7048", "CVE-2015-7095", "CVE-2015-7097", "CVE-2015-7099", "CVE-2015-7100", "CVE-2015-7102", "CVE-2015-7103", "CVE-2015-7104"], "modified": "2016-02-01T06:38:54", "id": "FEDORA:3FFBD608DDB3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HJ4JBPMYF6DW5F22S5RPC6HQHVZ4JY35/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:59", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\nAPPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7\r\n\r\nSafari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and\r\naddress the following:\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.3\r\nImpact: A maliciously crafted website can access the WebSQL\r\ndatabases of other websites\r\nDescription: An issue existed in the authorization checks for\r\nrenaming WebSQL tables. This could have allowed a maliciously crafted\r\nwebsite to access databases belonging to other websites. The issue\r\nwas addressed with improved authorization checks.\r\nCVE-ID\r\nCVE-2015-3727 : Peter Rutenbar working with HP's Zero Day Initiative\r\n\r\nWebKit Page Loading\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.3\r\nImpact: Visiting a maliciously crafted website may lead to account\r\naccount takeover\r\nDescription: An issue existed where Safari would preserve the Origin\r\nrequest header for cross-origin redirects, allowing malicious\r\nwebsites to circumvent CSRF protections. This issue was addressed\r\nthrough improved handling of redirects.\r\nCVE-ID\r\nCVE-2015-3658 : Brad Hill of Facebook\r\n\r\nWebKit PDF\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.3\r\nImpact: Clicking a maliciously crafted link in a PDF embedded in a\r\nwebpage may lead to cookie theft or user information leakage\r\nDescription: An issue existed with PDF-embedded links which could\r\nexecute JavaScript in a hosting webpage's context. This issue was\r\naddressed by restricting the support for JavaScript links.\r\nCVE-ID\r\nCVE-2015-3660 : Apple\r\n\r\nWebKit Storage\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.3\r\nImpact: Visiting a maliciously crafted webpage may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An insufficient comparison issue existed in SQLite\r\nauthorizer which allowed invocation of arbitrary SQL functions. This\r\nissue was addressed with improved authorization checks.\r\nCVE-ID\r\nCVE-2015-3659 : Peter Rutenbar working with HP's Zero Day Initiative\r\n\r\n\r\nSafari 8.0.7, Safari 7.1.7, and Safari 6.2.7 may be obtained from\r\nthe Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBCAAGBQJVke9DAAoJEBcWfLTuOo7tE7oP/0PWt+3zpRGevnWaTR1cdCSR\r\nixlIqZ+OrwfGluIpnQIrMx8Lw2F954/Afcv68QW5pDwU02UYIiHXFiryFG2YYu6k\r\n+n1mnqY/5n3uo3+V18Tfi7q8WFoEfi607PbXUt/Q3FCu+NuQBl3nrVWo53f+a44v\r\nPb08QVMyj+g0KWNoMudA7T/G9yXsnZFm6rBKkl1D+2Cwyx/DB2i4guHleJNawM/m\r\n8vCgIc4FReFOz03EqW3Vzqp3qWd4AovRLX8iG+62mUU8AgAVVurJdhxPNjqzmoAi\r\nZg1MDM2un4Op6QvLpJzG9zwW5/s+H8GVLPIYnK+uASu5UR0EU3yqb0UOCHbyG6iI\r\nDFaRDyHXaNBWglFxRdl/Lvbz/ZQyAdc3MJMaHOSHchvu7CX3x2szTKkPr1nd/7bS\r\nRB5JWTBKjz9G0zOp4d44u49oW4/43yV/kcjs7isBKyzPpO67dzukMDjjeKlkYAVE\r\ngOoYtQMcorh2PrMEAW7MN2jB9R0f7gEOr2txRLgy0NakI/W+WVK8wysbDNvsjEE4\r\n9UynLpQHqmlEL68ZyXGPrbn7Q4dO3qdL3fYsCp/57o7wDkIfASBehTet4Va3yobr\r\nZikiQkMU9QnYYWiN0whHzgtq+ONFg8B3hroD9XgfpG8kldjXyI6cOj6QY9e276m4\r\nU31+XzCwLCTXylgolNOw\r\n=9Wfv\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-07-05T00:00:00", "title": "APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3660", "CVE-2015-3727", "CVE-2015-3658", "CVE-2015-3659"], "modified": "2015-07-05T00:00:00", "id": "SECURITYVULNS:DOC:32262", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32262", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:11:44", "description": "Multiple memory corruptions.", "edition": 2, "cvss3": {}, "published": "2015-07-05T00:00:00", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3660", "CVE-2015-3727", "CVE-2015-3658", "CVE-2015-3659"], "modified": "2015-07-05T00:00:00", "id": "SECURITYVULNS:VULN:14559", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14559", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:00", "description": "\r\n\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\nAPPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8\r\n\r\nSafari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and\r\naddresses the following:\r\n\r\nSafari Application\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: A malicious website could open another site and prompt\r\nfor user input without a way for the user to tell where the prompt\r\ncame from. The issue was addressed by displaying the prompt origin to\r\nthe user.\r\nCVE-ID\r\nCVE-2015-3729 : Code Audit Labs of VulnHunt.com\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3730 : Apple\r\nCVE-2015-3731 : Apple\r\nCVE-2015-3732 : Apple\r\nCVE-2015-3733 : Apple\r\nCVE-2015-3734 : Apple\r\nCVE-2015-3735 : Apple\r\nCVE-2015-3736 : Apple\r\nCVE-2015-3737 : Apple\r\nCVE-2015-3738 : Apple\r\nCVE-2015-3739 : Apple\r\nCVE-2015-3740 : Apple\r\nCVE-2015-3741 : Apple\r\nCVE-2015-3742 : Apple\r\nCVE-2015-3743 : Apple\r\nCVE-2015-3744 : Apple\r\nCVE-2015-3745 : Apple\r\nCVE-2015-3746 : Apple\r\nCVE-2015-3747 : Apple\r\nCVE-2015-3748 : Apple\r\nCVE-2015-3749 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: A malicious website may trigger plaintext requests to an\r\norigin under HTTP Strict Transport Security\r\nDescription: An issue existed where Content Security Policy report\r\nrequests would not honor HTTP Strict Transport Security. This issue\r\nwas addressed through improved HTTP Strict Transport Security\r\nenforcement.\r\nCVE-ID\r\nCVE-2015-3750 : Muneaki Nishimura (nishimunea)\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: Image loading may violate a website's Content Security\r\nPolicy directive\r\nDescription: An issue existed where websites with video controls\r\nwould load images nested in object elements in violation of the\r\nwebsite's Content Security Policy directive. This issue was addressed\r\nthrough improved Content Security Policy enforcement.\r\nCVE-ID\r\nCVE-2015-3751 : Muneaki Nishimura (nishimunea)\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: Content Security Policy report requests may leak cookies\r\nDescription: Two issues existed in how cookies were added to Content\r\nSecurity Policy report requests. Cookies were sent in cross-origin\r\nreport requests in violation of the standard. Cookies set during\r\nregular browsing were sent in private browsing. These issues were\r\naddressed through improved cookie handling.\r\nCVE-ID\r\nCVE-2015-3752 : Muneaki Nishimura (nishimunea)\r\n\r\nWebKit Canvas\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: A malicious website may exfiltrate image data cross-origin\r\nDescription: Images fetched through URLs that redirected to a\r\ndata:image resource could have been exfiltrated cross-origin. This\r\nissue was addressed through improved canvas taint tracking.\r\nCVE-ID\r\nCVE-2015-3753 : Antonio Sanso and Damien Antipa of Adobe\r\n\r\nWebKit Page Loading\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: Cached authentication state may reveal private browsing\r\nhistory\r\nDescription: An issue existed in caching of HTTP authentication.\r\nCredentials entered in private browsing mode were carried over to\r\nregular browsing which would reveal parts of the user's private\r\nbrowsing history. This issue was addressed through improved caching\r\nrestrictions.\r\nCVE-ID\r\nCVE-2015-3754 : Dongsung Kim (@kid1ng)\r\n\r\nWebKit Process Model\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.4\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Navigating to a malformed URL may have allowed a\r\nmalicious website to display an arbitrary URL. This issue was\r\naddressed through improved URL handling.\r\nCVE-ID\r\nCVE-2015-3755 : xisigr of Tencent's Xuanwu Lab\r\n\r\nSafari 8.0.8, Safari 7.1.8, and Safari 6.2.8 may be obtained from\r\nthe Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\n\r\niQIcBAEBCAAGBQJVzM3yAAoJEBcWfLTuOo7tYZcP/1LnHEMuFI+SqUczpBZssu+S\r\nk5VHU4YHg37SVeGXWPYhmWnz1NG+t3h5UZmPKwupqHWgA1JbzRcUAEozBLt6kHoL\r\nV8FQJPdiMNHwuqvgHlE8YK8Z9Ep3bS0bvVr/EyE/QghaJxi9IUXGZPNQt5ikP2LA\r\nZafmMrgQF5GRyYeaWsOw12tEiD/wc9f6ThMwtgsOW8LyjTLwf7qPt084sxj2XLTC\r\nGZym1TPjlu6FodGk2ZCSP1a4WwHljBjXyaUlRGvxmAJi+aEe9frCg7onvMrkFdD8\r\nCBCNBXswpMfAg759ZvPjLvYYYgTkql3CGxFOAiNjs47y3kzo/1kXCrrGtqDhgQ0G\r\nMNzmf23yipHoA63UwbmHuANCjPb1+M98uCQJ+jEW3dqpLcJGTbsZil5w1aPJXb5s\r\nulIu9FGknArxrutsg2Zt3xbd3CPaqShWXq2NDNDaofjQ05KkvdqhhMeDUkdujgbT\r\nVNbewci+OfDA6puc8tplZrHWa+BUiOlk9g4UXiUhwzhcj86sGF2FJIDqAEDlBdIo\r\nrpnVNjrNx6bvDA/5WEj40oUPF+yuFNRVHQhKmu++zhXEE8kjtaGXZr+3YiZoCEWl\r\nHKY9pBlZmEO2Viq+Xn+M1OIS091h3qbVC93Eho2oiF/ttcmLPRL40dJmNwaZKe/4\r\nG892+OR68K28IWb8iUib\r\n=l5e/\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-08-17T00:00:00", "title": "APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3733", "CVE-2015-3736", "CVE-2015-3754", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-3732", "CVE-2015-3738", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-3730", "CVE-2015-3750", "CVE-2015-3755", "CVE-2015-3753", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-3748", "CVE-2015-3746", "CVE-2015-3741", "CVE-2015-3751", "CVE-2015-3745", "CVE-2015-3735", "CVE-2015-3737", "CVE-2015-3729"], "modified": "2015-08-17T00:00:00", "id": "SECURITYVULNS:DOC:32389", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32389", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:11:43", "description": "Interface spoofing, memory corruption, restrictions bypass.", "edition": 2, "cvss3": {}, "published": "2015-08-17T00:00:00", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3733", "CVE-2015-3736", "CVE-2015-3754", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-3731", "CVE-2015-3752", "CVE-2015-3732", "CVE-2015-3738", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-3730", "CVE-2015-3750", "CVE-2015-3755", "CVE-2015-3753", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-3748", "CVE-2015-3746", "CVE-2015-3741", "CVE-2015-3751", "CVE-2015-3745", "CVE-2015-3735", "CVE-2015-3737", "CVE-2015-3729"], "modified": "2015-08-17T00:00:00", "id": "SECURITYVULNS:VULN:14629", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14629", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6\r\n\r\nSafari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and\r\naddress the following:\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.3\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1152 : Apple\r\nCVE-2015-1153 : Apple\r\nCVE-2015-1154 : Apple\r\n\r\nWebKit History\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.3\r\nImpact: Visiting a maliciously crafted website may compromise user\r\ninformation on the filesystem\r\nDescription: A state management issue existed in Safari that allowed\r\nunprivileged origins to access contents on the filesystem. This issue\r\nwas addressed through improved state management.\r\nCVE-ID\r\nCVE-2015-1155 : Joe Vennix of Rapid7 Inc. working with HP's Zero Day\r\nInitiative\r\n\r\nWebKit Page Loading\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.3\r\nImpact: Visiting a malicious website by clicking a link may lead to\r\nuser interface spoofing\r\nDescription: An issue existed in the handling of the rel attribute\r\nin anchor elements. Target objects could get unauthorized access to\r\nlink objects. This issue was addressed through improved link type\r\nadherence.\r\nCVE-ID\r\nCVE-2015-1156 : Zachary Durber of Moodle\r\n\r\nSafari 8.0.6, Safari 7.1.6, and Safari 6.2.6 may be obtained from\r\nthe Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJVSmEJAAoJEBcWfLTuOo7tixsP/1BA4ipZ+MJwPqMEkVmYHyCc\r\n4RtNYjWB6gX7yRLA9x3FdSXo1XG9C+1mtnWV3Acp2sP/mtmhH9yjUrayqYANsBoe\r\nQrunfhhhx19DLYJ4989Y2HzWa8TJCYf/48Sh8PS5Jaf0FXdEUsqy/vBv/XGZLLrD\r\nk60uzyLswMp12OVC14c9Ueq7dMWXscebl7CGkKxuBAfvYpcZdhbmDWg/kkRGruZJ\r\nEzh6m4YAzBSaeuoibKKZbAVbHlH+xW8wThw3GHfnwfBvX03ZsgH5mdw2UWPgT+gG\r\n/wrllHKG/qpaPeS0WZDVbI8NxmQP/YK+Fall2yqAUwDX7xj9VDZAKVElst9CWl6U\r\nY+jn8+MxTPLqAAnmvl/0zcsU5qR/DzsbqT6MVCDH0PqPspdzHfyT6d7sT/fBN2Ri\r\nti3uw7YmQCCQzi16vcGZnFjlIMDHB+hp5slp7hiVvAjixclYmRE62WME9VT/lZBW\r\nKqs+OE6ZQ4jsHX1uhGNdQzGgQbwHtoNkh8rge+VvMQZwMV/IMW9hnTzKStEOPpmz\r\nEZuJRsVA7ZNaVd+y22Vfb8jyrY7BLiALKGpPaZNkmkF/hRgQHsXiXwC69np/6Jcg\r\n2fy1uEt7eWKNPzQo1oUMtJ1jLzBMIBZoH4UpbpFZaHfHx/KYl8Pi8IahK7PT/r96\r\nd2NeGKt3ZU8rm9473KsB\r\n=EyH2\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-05-10T00:00:00", "title": "APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1156", "CVE-2015-1154", "CVE-2015-1155", "CVE-2015-1152", "CVE-2015-1153"], "modified": "2015-05-10T00:00:00", "id": "SECURITYVULNS:DOC:32012", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32012", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:11:44", "description": "Multiple memory corruptions, files access, interface spoofing.", "edition": 2, "cvss3": {}, "published": "2015-05-10T00:00:00", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1156", "CVE-2015-1154", "CVE-2015-1155", "CVE-2015-1152", "CVE-2015-1153"], "modified": "2015-05-10T00:00:00", "id": "SECURITYVULNS:VULN:14452", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14452", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5\r\n\r\nSafari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are now available and\r\naddress the following:\r\n\r\nSafari\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.2\r\nImpact: Users may be tracked by malicious websites using client\r\ncertificates\r\nDescription: An issue existed in Safari's client certificate\r\nmatching for SSL authentication. This issue was addressed by improved\r\nmatching of valid client certificates.\r\nCVE-ID\r\nCVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut\r\nof Whatever s.a.\r\n\r\nSafari\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.2\r\nImpact: Notifications preferences may reveal users' browsing history\r\nin private browsing mode\r\nDescription: Responding to push notification requests in private\r\nbrowsing mode revealed users' browsing history. This issue was\r\naddressed by disabling push notification prompts in private browsing\r\nmode.\r\nCVE-ID\r\nCVE-2015-1128 : Joseph Winn of Credit Union Geek\r\n\r\nSafari\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.2\r\nImpact: Users' browsing history may not be completely purged\r\nDescription: A state management issue existed in Safari that\r\nresulted in users' browsing history not being purged from\r\nhistory.plist. This issue was addressed by improved state management.\r\nCVE-ID\r\nCVE-2015-1112 : William Breuer, The Netherlands\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1119 : Renata Hodovan of University of Szeged / Samsung\r\nElectronics\r\nCVE-2015-1120 : Apple\r\nCVE-2015-1121 : Apple\r\nCVE-2015-1122 : Apple\r\nCVE-2015-1124 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.2\r\nImpact: Users' browsing history in private mode may be indexed\r\nDescription: A state management issue existed in Safari that\r\ninadvertently indexed users' browsing history when in private\r\nbrowsing mode. This issue was addressed by improved state management.\r\nCVE-ID\r\nCVE-2015-1127 : Tyler C\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nand OS X Yosemite v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to resources\r\nof another origin being accessed\r\nDescription: An issue existed in WebKit's credential handling for\r\nFTP URLs. This issue was addressed by improved URL decoding.\r\nCVE-ID\r\nCVE-2015-1126 : Jouko Pynnonen of Klikki Oy\r\n\r\nSafari 8.0.5, Safari 7.1.5, and Safari 6.2.5 may be obtained from\r\nthe Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJVJG6MAAoJEBcWfLTuOo7tL3cP/RVZlw3sp/ze1r1hSxcezN/Z\r\nw/uAPiqzud607Aqqwsg1YI4WzqCoIVLEb6N40eNGn7aTFkgOrBlYhsxTNHNnx2cM\r\n3/HkDKMZo0bhO/fIqa9YfyG/KbgFKQMM0/eECNccEkQp6/DLHLJIwS0+QW0oBZ9q\r\nm9bBNTHFQxvJA9or3cn/eFV1zWVvr5RjpwR595tzWpYLIbIqTX901VAbBMOKvqtl\r\n8b5NMmLNoEmfKGWWRqa5RmguFNnnANi3m+6PgU6fNU82dm8mif+ONDhDeyC43MH0\r\ncxeeKZcWBGdYel9C/ctSF9SsnKhqAukIMoMppYLLL8AFHBPd504w1oXoS6UiE/go\r\nGrCXwzyxOklGQriyeMS/nsSn+AryJzQP3hXgWjAd8HuSIKCff9iaZBk5OxjK1Cwi\r\nk0zSx0qDJAHo1nlUhawYjQVhD7QEtkV7QO6hb4W22h5r/0MJGNuPsh9Mw2u6gIW6\r\nl+p2x3D64xjfh+EclWerMhN+tqBR3RokkdkvNxhStdsz6dkA21ynaHMiaYN3lff7\r\nDDINEP6dDiLi8AGP9P9pjYl3wMVgVTyFgMGL7cUMx8GIrm4pp8YAkhj2yWOM/ns0\r\nMycgrf+h0tFZYTvvojWlyo4rqx9J8te7dEiHjmg8l0OrOHXzmqQhDwOIWbH8fIGO\r\nCfE7FxlOHEHgzh+bzKvG\r\n=Df4l\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-04-08T00:00:00", "title": "APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-1112", "CVE-2015-1122", "CVE-2015-1126", "CVE-2015-1124", "CVE-2015-1129", "CVE-2015-1120", "CVE-2015-1128", "CVE-2015-1121", "CVE-2015-1119"], "modified": "2015-04-08T00:00:00", "id": "SECURITYVULNS:DOC:31882", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31882", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:11:43", "description": "Invalid SSL validation, information leakage, crossite access, memory corruptions.", "edition": 2, "cvss3": {}, "published": "2015-04-19T00:00:00", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1127", "CVE-2015-1112", "CVE-2015-1122", "CVE-2015-1126", "CVE-2015-1124", "CVE-2015-1129", "CVE-2015-1120", "CVE-2015-1128", "CVE-2015-1121", "CVE-2015-1119"], "modified": "2015-04-19T00:00:00", "id": "SECURITYVULNS:VULN:14356", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14356", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4\r\n\r\nSafari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and\r\naddress the following:\r\n\r\nWebKit\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1068 : Apple\r\nCVE-2015-1069 : Apple\r\nCVE-2015-1070 : Apple\r\nCVE-2015-1071 : Apple\r\nCVE-2015-1072\r\nCVE-2015-1073 : Apple\r\nCVE-2015-1074 : Apple\r\nCVE-2015-1075 : Google Chrome Security team\r\nCVE-2015-1076\r\nCVE-2015-1077 : Apple\r\nCVE-2015-1078 : Apple\r\nCVE-2015-1079 : Apple\r\nCVE-2015-1080 : Apple\r\nCVE-2015-1081 : Apple\r\nCVE-2015-1082 : Apple\r\nCVE-2015-1083 : Apple\r\n\r\nWebKit\r\nImpact: Inconsistent user interface may prevent users from\r\ndiscerning a phishing attack\r\nDescription: A user interface inconsistency existed in Safari that\r\nallowed an attacker to misrepresent the URL. This issue was addressed\r\nthrough improved user interface consistency checks.\r\nCVE-ID\r\nCVE-2015-1084 : Apple\r\n\r\nSafari 8.0.4, Safari 7.1.4, and Safari 6.2.4 may be obtained from\r\nthe Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\n\r\niQIcBAEBAgAGBQJVCHNfAAoJEBcWfLTuOo7twwcQAJw+o6wILW0ZLtMEV3DugttG\r\n5agZqzvO1CdpmtqlUlyEJhQ1r9SrzBnqaTqgXUzMZv/ZFRR0FrgKnEcqJXH82K6y\r\nwAVOIwDWKazKbzvYMOOREYQ1JCCRHJnA/I4+8/RGkZAqXhrWgIqbGikxDND3BGfP\r\nRnM4ae9oQxGIbiZeyGCVWbGi/WEvsXY20tHZLelK0GzUZw+KaYQqPL8K681LOWaT\r\nKB3l85vXl4a6rHFE9oz25dh5dlOUUVlUtXQAjffchS/hyBBCTIxBEpu2iACx6h8L\r\n5UmSs7pilr3bmlA2FQakfHTMWgBfWIiwxYyNY5C/s0UnUx+uMuW9kR/NSjFyrQUB\r\nwvlKPQ+oKM4m5WoorgM57XhSbcL/Rf6YVmN6sYf27TISLDHxvCAy5wK5xyyL8zTo\r\nKWiMJCmDzlhRInlC2VfJNFZvdr/1xfogNXOQTWGsFXCbKAzs4HT5dPhg5QjyJ/fq\r\ntJH5gtXo/MklMke9zJYhdLhdCGI26h2kmnV7ugelNxdxYS99UyKsS9vnIEkc4C4t\r\npAdB6PH1V0KMvXMoUerDWkJyPy4vvaAXPsaGVjbaNRfK+BwEDtjrsY7UbNsrPIrc\r\nef+hjfnkTEnFWnpBW4A+YVpLQz/uMLDcsePMkwR2tKq1LEBHyKhqbKiAXt1HVd6H\r\nB5CGJrtHUaXWG0BwUmnn\r\n=d/wD\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-03-18T00:00:00", "title": "APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1072", "CVE-2015-1078", "CVE-2015-1073", "CVE-2015-1079", "CVE-2015-1071", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1070", "CVE-2015-1077", "CVE-2015-1084", "CVE-2015-1083", "CVE-2015-1082", "CVE-2015-1081", "CVE-2015-1069", "CVE-2015-1075", "CVE-2015-1080"], "modified": "2015-03-18T00:00:00", "id": "SECURITYVULNS:DOC:31803", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31803", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:11:44", "description": "Multiple memory corruptions, spoofing.", "edition": 2, "cvss3": {}, "published": "2015-03-18T00:00:00", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1072", "CVE-2015-1078", "CVE-2015-1073", "CVE-2015-1079", "CVE-2015-1071", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1070", "CVE-2015-1077", "CVE-2015-1084", "CVE-2015-1083", "CVE-2015-1082", "CVE-2015-1081", "CVE-2015-1069", "CVE-2015-1075", "CVE-2015-1080"], "modified": "2015-03-18T00:00:00", "id": "SECURITYVULNS:VULN:14326", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14326", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:01", "description": "\r\n\r\nAPPLE-SA-2015-09-16-3 iTunes 12.3\r\n\r\niTunes 12.3 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Applications that use CoreText may be vulnerable to\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of text files. These issues were addressed through\r\nimproved memory handling.\r\nCVE-ID\r\nCVE-2015-1157 : Apple\r\nCVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Applications that use ICU may be vulnerable to unexpected\r\napplication termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of unicode strings. These issues were addressed by\r\nupdating ICU to version 55.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2015-1205\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Opening a media file may lead to arbitrary code execution\r\nDescription: A security issue existed in Microsoft Foundation\r\nClass's handling of library loading. This issue was addressed by\r\nupdating to the latest version of the Microsoft Visual C++\r\nRedistributable Package.\r\nCVE-ID\r\nCVE-2010-3190 : Stefan Kanthak\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may result in unexpected application termination or\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1152 : Apple\r\nCVE-2015-1153 : Apple\r\nCVE-2015-3730 : Apple\r\nCVE-2015-3731 : Apple\r\nCVE-2015-3733 : Apple\r\nCVE-2015-3734 : Apple\r\nCVE-2015-3735 : Apple\r\nCVE-2015-3736 : Apple\r\nCVE-2015-3737 : Apple\r\nCVE-2015-3738 : Apple\r\nCVE-2015-3739 : Apple\r\nCVE-2015-3740 : Apple\r\nCVE-2015-3741 : Apple\r\nCVE-2015-3742 : Apple\r\nCVE-2015-3743 : Apple\r\nCVE-2015-3744 : Apple\r\nCVE-2015-3745 : Apple\r\nCVE-2015-3746 : Apple\r\nCVE-2015-3747 : Apple\r\nCVE-2015-3748 : Apple\r\nCVE-2015-3749 : Apple\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5798 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5808 : Joe Vennix\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5815 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nSoftware Update\r\nImpact: An attacker in a privileged network position may be able to\r\nobtain encrypted SMB credentials\r\nDescription: A redirection issue existed in the handling of certain\r\nnetwork connections. This issue was addressed through improved\r\nresource validation.\r\nCVE-ID\r\nCVE-2015-5920 : Cylance\r\n\r\n\r\niTunes 12.3 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nYou may also update to the latest version of iTunes via Apple\r\nSoftware Update, which can be found in the Start menu.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-05T00:00:00", "title": "APPLE-SA-2015-09-16-3 iTunes 12.3", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3733", "CVE-2015-1157", "CVE-2015-3736", "CVE-2015-3686", "CVE-2015-5798", "CVE-2015-3688", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-5796", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-3731", "CVE-2015-3687", "CVE-2015-5805", "CVE-2015-3738", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-3730", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5789", "CVE-2015-5761", "CVE-2015-5813", "CVE-2015-5821", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-3748", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-5815", "CVE-2015-3746", "CVE-2015-5920", "CVE-2015-5755", "CVE-2015-5810", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5823", "CVE-2015-3735", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-3737", "CVE-2010-3190"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32517", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32517", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:18:15", "description": "Multiple memory corruptions, DLL injections, multiple WebKit vulnerabilities, information disclosure.", "edition": 2, "cvss3": {}, "published": "2015-10-25T00:00:00", "title": "Apple iTunes multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3733", "CVE-2015-5930", "CVE-2015-7013", "CVE-2015-1157", "CVE-2015-3736", "CVE-2015-3686", "CVE-2015-6975", "CVE-2015-7002", "CVE-2015-5798", "CVE-2015-3688", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-5796", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-7014", "CVE-2015-3731", "CVE-2015-3687", "CVE-2015-6992", "CVE-2015-5805", "CVE-2015-3738", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-3740", "CVE-2015-3739", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-3743", "CVE-2015-3747", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-3730", "CVE-2015-5802", "CVE-2015-5931", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5929", "CVE-2015-5789", "CVE-2015-5761", "CVE-2015-5813", "CVE-2015-5821", "CVE-2015-3749", "CVE-2015-3742", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-3748", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-5815", "CVE-2015-3746", "CVE-2015-5920", "CVE-2015-5755", "CVE-2015-7012", "CVE-2015-5810", "CVE-2015-3741", "CVE-2015-3745", "CVE-2015-1153", "CVE-2015-5823", "CVE-2015-5928", "CVE-2015-3735", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-7017", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-3737", "CVE-2010-3190", "CVE-2015-7011"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14698", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14698", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:59", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\nAPPLE-SA-2015-06-30-6 iTunes 12.2\r\n\r\niTunes 12.2 is now available and addresses the following:\r\n\r\nWebKit\r\nAvailable for: Windows 8 and Windows 7\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may lead to an unexpected application termination or\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2014-3192 : cloudfuzzer\r\nCVE-2014-4452\r\nCVE-2014-4459\r\nCVE-2014-4466 : Apple\r\nCVE-2014-4468 : Apple\r\nCVE-2014-4469 : Apple\r\nCVE-2014-4470 : Apple\r\nCVE-2014-4471 : Apple\r\nCVE-2014-4472 : Apple\r\nCVE-2014-4473 : Apple\r\nCVE-2014-4474 : Apple\r\nCVE-2014-4475 : Apple\r\nCVE-2014-4476 : Apple\r\nCVE-2014-4477 : lokihardt@ASRT working with HP's Zero Day Initiative\r\nCVE-2014-4479 : Apple\r\nCVE-2015-1068 : Apple\r\nCVE-2015-1069 : Apple\r\nCVE-2015-1070 : Apple\r\nCVE-2015-1071 : Apple\r\nCVE-2015-1072\r\nCVE-2015-1073 : Apple\r\nCVE-2015-1074 : Apple\r\nCVE-2015-1075 : Google Chrome Security team\r\nCVE-2015-1076\r\nCVE-2015-1077 : Apple\r\nCVE-2015-1078 : Apple\r\nCVE-2015-1079 : Apple\r\nCVE-2015-1080 : Apple\r\nCVE-2015-1081 : Apple\r\nCVE-2015-1082 : Apple\r\nCVE-2015-1083 : Apple\r\nCVE-2015-1119 : Renata Hodovan of University of Szeged / Samsung\r\nElectronics\r\nCVE-2015-1120 : Apple\r\nCVE-2015-1121 : Apple\r\nCVE-2015-1122 : Apple\r\nCVE-2015-1124 : Apple\r\nCVE-2015-1152\r\nCVE-2015-1153\r\nCVE-2015-1154\r\n\r\n\r\niTunes 12.2 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\n\r\niQIcBAEBCAAGBQJVkxn8AAoJEBcWfLTuOo7tYPoP/3l/dw+rYzo6GHoE0xZM/4nc\r\n0kq2Wx+f8blymEOs6cHM7hvR4YTRc+O/QnNZXrVVxa7SqFG2dnE203sxOFyTfl6t\r\nyzN2ueA9IGC0W6c3YBo3ej1Fifi9ey25P66AParFU+7jI3Pj3mkKb1ClrFb6gCzc\r\nU743HOcnmmqSpnnXfxZPt+y2oDasweNt0guCpYYG8mcG2hzyQfSmA8EEh/Dzplv9\r\nNl2NGAqyG3Cj8ZDOoPIZcHYZ8h2DHl+YyczVyryo6YwadRPq54pDKDOjsDmVUkl9\r\nYFZu99gdDK/QVudRolmj9ZjvdAi5fpJJZ0hHl7giNzo5wKCVIaTVgzjVRjXWWvRZ\r\nJwTt07sky25py+rQne62/heKfIhPwv2pNyZmSLSpQsb8+yYVKw0mX5nLmko91+yS\r\nkPOMRF5f/Ek2aYoRJ9DruVpMFs1kHIC3ynh5WQrAWkono1fU/U1Wxz2yGPuU+Jhm\r\ndghvFEjH8uHaayaeNilTKqAfxGBOpd9jKzUe3bQ8gbGNtruun0QxIUsa9DE98giu\r\ne1OtNo70kt1EznEPeAoLwhVb/jQE29OlZyhN912tvTGVjExCmIxcZQdw537yWj7C\r\nae2Kjb4l8ni4T4ta0i1mxC/bbsHa8u/gs8DcMGGcjnbWUAJx6oOAAzY6x9SIfZqa\r\nszGbF5r4TZ5KFgMW9I6o\r\n=Vyyo\r\n-----END PGP SIGNATURE-----\r\n\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-07-05T00:00:00", "title": "APPLE-SA-2015-06-30-6 iTunes 12.2", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-4469", "CVE-2015-1072", "CVE-2015-1078", "CVE-2014-3192", "CVE-2014-4479", "CVE-2014-4474", "CVE-2015-1073", "CVE-2015-1122", "CVE-2014-4477", "CVE-2015-1079", "CVE-2014-4475", "CVE-2014-4466", "CVE-2015-1071", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1154", "CVE-2015-1124", "CVE-2014-4470", "CVE-2014-4452", "CVE-2015-1120", "CVE-2015-1070", "CVE-2015-1077", "CVE-2014-4472", "CVE-2015-1152", "CVE-2014-4468", "CVE-2015-1083", "CVE-2015-1121", "CVE-2015-1082", "CVE-2014-4473", "CVE-2015-1153", "CVE-2014-4471", "CVE-2015-1081", "CVE-2015-1119", "CVE-2015-1069", "CVE-2015-1075", "CVE-2014-4476", "CVE-2015-1080", "CVE-2014-4459"], "modified": "2015-07-05T00:00:00", "id": "SECURITYVULNS:DOC:32263", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32263", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:59", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\nAPPLE-SA-2015-06-30-1 iOS 8.4\r\n\r\niOS 8.4 is now available and addresses the following:\r\n\r\nApplication Store\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious universal provisioning profile app may prevent\r\napps from launching\r\nDescription: An issue existed in the install logic for universal\r\nprovisioning profile apps, which allowed a collision to occur with\r\nexisting bundle IDs. This issue was addressed through improved\r\ncollision checking.\r\nCVE-ID\r\nCVE-2015-3722 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from\r\nFireEye, Inc.\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may be able\r\nto intercept network traffic\r\nDescription: An intermediate certificate was incorrectly issued by\r\nthe certificate authority CNNIC. This issue was addressed through the\r\naddition of a mechanism to trust only a subset of certificates issued\r\nprior to the mis-issuance of the intermediate. Further details are\r\navailable at https://support.apple.com/en-us/HT204938\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT204132\r\n\r\nCFNetwork HTTPAuthentication\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Following a maliciously crafted URL may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in handling of\r\ncertain URL credentials. This issue was addressed with improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2015-3684 : Apple\r\n\r\nCoreGraphics\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Opening a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of ICC profiles. These issues were addressed through\r\nimproved memory handling.\r\nCVE-ID\r\nCVE-2015-3723 : chaithanya (SegFault) working with HP's Zero Day\r\nInitiative\r\nCVE-2015-3724 : WanderingGlitch of HP's Zero Day Initiative\r\n\r\nCoreText\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted text file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of text files. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1157\r\nCVE-2015-3685 : Apple\r\nCVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3689 : Apple\r\n\r\ncoreTLS\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may intercept\r\nSSL/TLS connections\r\nDescription: coreTLS accepted short ephemeral Diffie-Hellman (DH)\r\nkeys, as used in export-strength ephemeral DH cipher suites. This\r\nissue, also known as Logjam, allowed an attacker with a privileged\r\nnetwork position to downgrade security to 512-bit DH if the server\r\nsupported an export-strength ephemeral DH cipher suite. The issue was\r\naddressed by increasing the default minimum size allowed for DH\r\nephemeral keys to 768 bits.\r\nCVE-ID\r\nCVE-2015-4000 : The weakdh team at weakdh.org, Hanno Boeck\r\n\r\nDiskImages\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An information disclosure issue existed in the\r\nprocessing of disk images. This issue was addressed through improved\r\nmemory management.\r\nCVE-ID\r\nCVE-2015-3690 : Peter Rutenbar working with HP's Zero Day Initiative\r\n\r\nFontParser\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of font files. These issues were addressed through\r\nimproved input validation.\r\nCVE-ID\r\nCVE-2015-3694 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-3719 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nImageIO\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted .tiff file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\n.tiff files. This issue was addressed with improved bounds checking.\r\nCVE-ID\r\nCVE-2015-3703 : Apple\r\n\r\nImageIO\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities exist in libtiff, the most serious\r\nof which may lead to arbitrary code execution\r\nDescription: Multiple vulnerabilities existed in libtiff versions\r\nprior to 4.0.4. They were addressed by updating libtiff to version\r\n4.0.4.\r\nCVE-ID\r\nCVE-2014-8127\r\nCVE-2014-8128\r\nCVE-2014-8129\r\nCVE-2014-8130\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: A memory management issue existed in the handling of\r\nHFS parameters which could have led to the disclosure of kernel\r\nmemory layout. This issue was addressed through improved memory\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-3721 : Ian Beer of Google Project Zero\r\n\r\nMail\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A maliciously crafted email can replace the message content\r\nwith an arbitrary webpage when the message is viewed\r\nDescription: An issue existed in the support for HTML email which\r\nallowed message content to be refreshed with an arbitrary webpage.\r\nThe issue was addressed through restricted support for HTML content.\r\nCVE-ID\r\nCVE-2015-3710 : Aaron Sigel of vtty.com, Jan Soucek\r\n\r\nMobileInstallation\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious universal provisioning profile app can prevent a\r\nWatch app from launching\r\nDescription: An issue existed in the install logic for universal\r\nprovisioning profile apps on the Watch which allowed a collision to\r\noccur with existing bundle IDs. This issue was addressed through\r\nimproved collision checking.\r\nCVE-ID\r\nCVE-2015-3725 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from\r\nFireEye, Inc.\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may compromise user\r\ninformation on the filesystem\r\nDescription: A state management issue existed in Safari that allowed\r\nunprivileged origins to access contents on the filesystem. This issue\r\nwas addressed through improved state management.\r\nCVE-ID\r\nCVE-2015-1155 : Joe Vennix of Rapid7 Inc. working with HP's Zero Day\r\nInitiative\r\n\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to account\r\ntakeover\r\nDescription: An issue existed where Safari would preserve the Origin\r\nrequest header for cross-origin redirects, allowing malicious\r\nwebsites to circumvent CSRF protections. The issue was addressed\r\nthrough improved handling of redirects.\r\nCVE-ID\r\nCVE-2015-3658 : Brad Hill of Facebook\r\n\r\nSecurity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A remote attacker may cause an unexpected application\r\ntermination or arbitrary code execution\r\nDescription: An integer overflow existed in the Security framework\r\ncode for parsing S/MIME e-mail and some other signed or encrypted\r\nobjects. This issue was addressed through improved validity checking.\r\nCVE-ID\r\nCVE-2013-1741\r\n\r\nSQLite\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A remote attacker may cause an unexpected application\r\ntermination or arbitrary code execution\r\nDescription: Multiple buffer overflows existed in SQLite's printf\r\nimplementation. These issues were addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-3717 : Peter Rutenbar working with HP's Zero Day Initiative\r\n\r\nTelephony\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Maliciously crafted SIM cards may lead to arbitrary code\r\nexecution\r\nDescription: Multiple input validation issues existed in the parsing\r\nof SIM/UIM payloads. These issues were addressed through improved\r\npayload validation.\r\nCVE-ID\r\nCVE-2015-3726 : Matt Spisak of Endgame\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website by clicking a link may lead to\r\nuser interface spoofing\r\nDescription: An issue existed in the handling of the rel attribute\r\nin anchor elements. Target objects could get unauthorized access to\r\nlink objects. This issue was addressed through improved link type\r\nadherence.\r\nCVE-ID\r\nCVE-2015-1156 : Zachary Durber of Moodle\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1152 : Apple\r\nCVE-2015-1153 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted webpage may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An insufficient comparison issue existed in SQLite\r\nauthorizer which allowed invocation of arbitrary SQL functions. This\r\nissue was addressed with improved authorization checks.\r\nCVE-ID\r\nCVE-2015-3659 : Peter Rutenbar working with HP's Zero Day Initiative\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A maliciously crafted website can access the WebSQL\r\ndatabases of other websites\r\nDescription: An issue existed in the authorization checks for\r\nrenaming WebSQL tables which could have allowed a maliciously crafted\r\nwebsite to access databases belonging to other websites. This was\r\naddressed through improved authorization checks.\r\nCVE-ID\r\nCVE-2015-3727 : Peter Rutenbar working with HP's Zero Day Initiative\r\n\r\nWiFi Connectivity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: iOS devices may auto-associate with untrusted access points\r\nadvertising a known ESSID but with a downgraded security type\r\nDescription: An insufficient comparison issue existed in WiFi\r\nmanager's evaluation of known access point advertisements. This issue\r\nwas addressed through improved matching of security parameters.\r\nCVE-ID\r\nCVE-2015-3728 : Brian W. Gray of Carnegie Mellon University, Craig\r\nYoung from TripWire\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "8.4".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBCAAGBQJVkr+6AAoJEBcWfLTuOo7tfDwP/1db2KLgQP+Pyb6av5awgS4m\r\nhQul1ihU0JO8jAI2ww345v6jMFq7MIAs82DobbRwqtI97aTep5bieqr5qUautlFz\r\nNtC4VQ5PsAyEoTo0cOSpvFOV3av6BdwFeNTI4w39n+bvKn6YUSJD0zswknUtI/G7\r\nlpFx/KxvKBkXBhWWCg3cyVlo3Jap88svlyh9MZ+C0BYFyjZ+ZjYMlDZ6FdzRyBxI\r\n4RHaXUFrtMQk3JAeIadSbevOH2mUwlCB9vDmFOC5BFTrMYV8nd3gyXMy924wLQli\r\nl3gtx+Kgq3+i71Zay7HGmshv06vZop8X82fC/lNZmTQFfNABLLug0ve0tLH9+IRm\r\n516Yb4UxUZ51Pnhbv1wvwqATGoJpK4oFXHsTx0rCVpkcxGMLmeYRyaxQYBUzh+ns\r\n+9tcuqIBsvVudY8LGAF4yUxkmt2K5N6mqu9x+KqVmiI9M7DbBoc+AUNVJpoiEGmt\r\nqB/eqkpGYKvHal3UEV6P3sSM3gBrzb5aFYNa8R31/cE8U+INeKTwd99KNoixJa9y\r\n/rNOSnuwKsuD33NFUpOJo/MW70ts3BrjN8eIvtnZ7/GHVljkQde7LCCJ2k2iQWTW\r\nlp+C5jWsR/2qXoCkG1p2oipBP/2OKo9wRzklkOo+1LJiWY18r/FlRMWqfkFUyMrK\r\n+NEpxWhe8ytzIFIkrXDt\r\n=iv++\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-07-05T00:00:00", "title": "APPLE-SA-2015-06-30-1 iOS 8.4", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-3723", "CVE-2015-1157", "CVE-2015-3686", "CVE-2015-3717", "CVE-2015-3722", "CVE-2015-3688", "CVE-2014-8127", "CVE-2015-3694", "CVE-2015-3687", "CVE-2015-3721", "CVE-2015-3689", "CVE-2015-1156", "CVE-2013-1741", "CVE-2015-3725", "CVE-2015-3726", "CVE-2015-3690", "CVE-2014-8130", "CVE-2015-3727", "CVE-2015-3703", "CVE-2015-1155", "CVE-2015-1152", "CVE-2015-3728", "CVE-2015-3658", "CVE-2015-3719", "CVE-2014-8128", "CVE-2014-8129", "CVE-2015-3724", "CVE-2015-1153", "CVE-2015-3659", "CVE-2015-3710", "CVE-2015-3685", "CVE-2015-3684"], "modified": "2015-07-05T00:00:00", "id": "SECURITYVULNS:DOC:32265", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32265", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:18:13", "description": "DoS, certificate trust vulnerabilities, multiple memory corruptions, information disclosure, weak cyphers, code execution.", "edition": 2, "cvss3": {}, "published": "2015-07-05T00:00:00", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-3723", "CVE-2015-1157", "CVE-2015-3686", "CVE-2015-3717", "CVE-2015-3722", "CVE-2015-3688", "CVE-2014-8127", "CVE-2015-3694", "CVE-2015-3687", "CVE-2015-3721", "CVE-2015-3689", "CVE-2015-1156", "CVE-2013-1741", "CVE-2015-3725", "CVE-2015-3726", "CVE-2015-3690", "CVE-2014-8130", "CVE-2015-3727", "CVE-2015-3703", "CVE-2015-1155", "CVE-2015-1152", "CVE-2015-3728", "CVE-2015-3658", "CVE-2015-3719", "CVE-2014-8128", "CVE-2014-8129", "CVE-2015-3724", "CVE-2015-1153", "CVE-2015-3659", "CVE-2015-3710", "CVE-2015-3685", "CVE-2015-3684"], "modified": "2015-07-05T00:00:00", "id": "SECURITYVULNS:VULN:14561", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14561", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:47:14", "description": "Nearly 40 different vulnerabilities, including code execution.", "edition": 2, "cvss3": {}, "published": "2015-04-09T00:00:00", "title": "Apple TV multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1072", "CVE-2015-1078", "CVE-2015-1117", "CVE-2015-1102", "CVE-2015-1096", "CVE-2015-1094", "CVE-2015-1114", "CVE-2015-1092", "CVE-2015-1073", "CVE-2015-1122", "CVE-2015-1079", "CVE-2015-1071", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1124", "CVE-2015-1110", "CVE-2015-1120", "CVE-2015-1070", "CVE-2015-1077", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1118", "CVE-2015-1097", "CVE-2015-1101", "CVE-2015-1083", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1121", "CVE-2015-1082", "CVE-2015-1086", "CVE-2015-1081", "CVE-2015-1119", "CVE-2015-1069", "CVE-2015-1123", "CVE-2015-1095", "CVE-2015-1100", "CVE-2015-1080"], "modified": "2015-04-09T00:00:00", "id": "SECURITYVULNS:VULN:14367", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14367", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\nAPPLE-SA-2015-04-08-4 Apple TV 7.2\r\n\r\nApple TV 7.2 is now available and addresses the following:\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A validation issue existed in IOKit objects used by an\r\naudio driver. This issue was addressed through improved validation of\r\nmetadata.\r\nCVE-ID\r\nCVE-2015-1086\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: An application using NSXMLParser may be misused to disclose\r\ninformation\r\nDescription: An XML External Entity issue existed in NSXMLParser's\r\nhandling of XML. This issue was addressed by not loading external\r\nentities across origins.\r\nCVE-ID\r\nCVE-2015-1092 : Ikuya Fukumoto\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in IOAcceleratorFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed by\r\nremoving unneeded code.\r\nCVE-ID\r\nCVE-2015-1094 : Cererdlong of Alibaba Mobile Security Team\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious HID device may be able to cause arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in an IOHIDFamily\r\nAPI. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1095 : Andrew Church\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in IOHIDFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1096 : Ilja van Sprundel of IOActive\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in MobileFrameBuffer that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1097 : Barak Gabai of the IBM X-Force Application Security\r\nResearch Team\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may be able to cause a system denial\r\nof service\r\nDescription: A race condition existed in the kernel's setreuid\r\nsystem call. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1099 : Mark Mentovai of Google Inc.\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may escalate privileges using a\r\ncompromised service intended to run with reduced privileges\r\nDescription: setreuid and setregid system calls failed to drop\r\nprivileges permanently. This issue was addressed by correctly\r\ndropping privileges.\r\nCVE-ID\r\nCVE-2015-1117 : Mark Mentovai of Google Inc.\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may be able to cause unexpected\r\nsystem termination or read kernel memory\r\nDescription: A out of bounds memory access issue existed in the\r\nkernel. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1100 : Maxime Villard of m00nbsd\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1101 : lokihardt@ASRT working with HP's Zero Day Initiative\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: An attacker with a privileged network position may be able\r\nto cause a denial of service\r\nDescription: A state inconsistency existed in the processing of TCP\r\nheaders. This issue was addressed through improved state handling.\r\nCVE-ID\r\nCVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: An attacker with a privileged network position may be able\r\nto redirect user traffic to arbitrary hosts\r\nDescription: ICMP redirects were enabled by default on iOS. This\r\nissue was addressed by disabling ICMP redirects.\r\nCVE-ID\r\nCVE-2015-1103 : Zimperium Mobile Security Labs\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A remote attacker may be able to bypass network filters\r\nDescription: The system would treat some IPv6 packets from remote\r\nnetwork interfaces as local packets. The issue was addressed by\r\nrejecting these packets.\r\nCVE-ID\r\nCVE-2015-1104 : Stephen Roettger of the Google Security Team\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: A remote attacker may be able to cause a denial of service\r\nDescription: A state inconsistency issue existed in the handling of\r\nTCP out of band data. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1105 : Kenton Varda of Sandstorm.io\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: Processing a maliciously crafted configuration profile may\r\nlead to unexpected application termination\r\nDescription: A memory corruption issue existed in the handling of\r\nconfiguration profiles. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of\r\nFireEye, Inc.\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: Unnecessary information may be sent to external servers when\r\ndownloading podcast assets\r\nDescription: When downloading assets for podcast a user was\r\nsubscribed to, unique identifiers were sent to external servers. This\r\nissue was resolved by removing these identifiers.\r\nCVE-ID\r\nCVE-2015-1110 : Alex Selivanov\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: Hardware identifiers may be accessible by third-party apps\r\nDescription: An information disclosure issue existed in the third-\r\nparty app sandbox. This issue was addressed by improving the sandbox\r\nprofile.\r\nCVE-ID\r\nCVE-2015-1114\r\n\r\nApple TV\r\nAvailable for: Apple TV 3rd generation and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1068 : Apple\r\nCVE-2015-1069 : lokihardt@ASRT working with HP's Zero Day Initiative\r\nCVE-2015-1070 : Apple\r\nCVE-2015-1071 : Apple\r\nCVE-2015-1072\r\nCVE-2015-1073 : Apple\r\nCVE-2015-1074 : Apple\r\nCVE-2015-1076\r\nCVE-2015-1077 : Apple\r\nCVE-2015-1078 : Apple\r\nCVE-2015-1079 : Apple\r\nCVE-2015-1080 : Apple\r\nCVE-2015-1081 : Apple\r\nCVE-2015-1082 : Apple\r\nCVE-2015-1083 : Apple\r\nCVE-2015-1119 : Renata Hodovan of University of Szeged / Samsung\r\nElectronics\r\nCVE-2015-1120 : Apple\r\nCVE-2015-1121 : Apple\r\nCVE-2015-1122 : Apple\r\nCVE-2015-1123 : Randy Luecke and Anoop Menon of Google Inc.\r\nCVE-2015-1124 : Apple\r\n\r\nInstallation note:\r\n\r\nApple TV will periodically check for software updates. Alternatively,\r\nyou may manually check for software updates by selecting\r\n"Settings -> General -> Update Software".\r\n\r\nTo check the current version of software, select\r\n"Settings -> General -> About".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT1222\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - https://gpgtools.org\r\n\r\niQIcBAEBCgAGBQJVJHMgAAoJEBcWfLTuOo7tjVUP/3e7Bo8L4f4+EFs7jkhKVzP5\r\n6LxAuhAtXu+476K1iDKOwa0gyLu8ftp95Af0rgUHjqmNGgsrAYZPgG8Q3HzS/RpK\r\n1JyShFHNIF87sqVGYfVpRthO10yRAQxNmJ/6zGTRU/Djwb/FBZyrMcbG0SMZ47KX\r\nCerNerPwiI7dzKWWNHgvmj9ydJU9bSyI5bgweQ565BLKs0Lar8aqj6A/iV1Ekltn\r\nA33LSrgMTgK+pjUl1CwQLZ05x9YPpCGXsA55u3MApfL2ZdoOk0VBpi/e56JrSq1J\r\nBioCyTJn+DwDY+FjGg5vCjeGJGq4zQ/2SsLQwKLiK6Fje68LutNtrqPtNApWabh3\r\nj876IiLpih2ZMV4KgqvCrkkMI2fkXlVOMLKUhI+UHJ4aWJTNprRwLbaJ7boQ9TCy\r\nMJ9B39iPJtyZWtorXBUc0RC2N1HLj5ONZut6FtRkIoiMTaGe6ejbvM39BWC+1sgW\r\nPsAYkvrEKzTcSdC6yY1RI2bufBD9SgtMD8f6y/q912uHf55poPSR9SV1iV5Tzftz\r\nUPvxGTLlmcXzU52nlSZNYEp4U9Nh02ltUYhs6MptoVvHf4MZW9TaIj9YpBNdVMvb\r\nvjB3UoPyAAb4GUqqVK6l5c6wlCyoCRg6Z86a99bW7PKBUP5C0LEzqwbZIMCkrX3i\r\niPMObURhCq+xIYRUTKXE\r\n=ktgN\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-04-09T00:00:00", "title": "APPLE-SA-2015-04-08-4 Apple TV 7.2", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1072", "CVE-2015-1078", "CVE-2015-1117", "CVE-2015-1102", "CVE-2015-1096", "CVE-2015-1094", "CVE-2015-1114", "CVE-2015-1092", "CVE-2015-1073", "CVE-2015-1122", "CVE-2015-1079", "CVE-2015-1071", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1124", "CVE-2015-1110", "CVE-2015-1120", "CVE-2015-1070", "CVE-2015-1077", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1118", "CVE-2015-1097", "CVE-2015-1101", "CVE-2015-1083", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1121", "CVE-2015-1082", "CVE-2015-1086", "CVE-2015-1081", "CVE-2015-1119", "CVE-2015-1069", "CVE-2015-1123", "CVE-2015-1095", "CVE-2015-1100", "CVE-2015-1080"], "modified": "2015-04-09T00:00:00", "id": "SECURITYVULNS:DOC:31891", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31891", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:11:44", "description": "Information spoofing, information disclosure, restriction bypass, race conditions, memory corruptions.", "edition": 2, "cvss3": {}, "published": "2015-10-25T00:00:00", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-5930", "CVE-2015-7013", "CVE-2015-5825", "CVE-2015-7002", "CVE-2015-5798", "CVE-2015-5796", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-7014", "CVE-2015-5788", "CVE-2015-5805", "CVE-2015-5828", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-5912", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-5802", "CVE-2015-5931", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5929", "CVE-2015-5789", "CVE-2015-5765", "CVE-2015-5780", "CVE-2015-5813", "CVE-2015-5764", "CVE-2015-5821", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-5826", "CVE-2015-5820", "CVE-2015-5815", "CVE-2015-3801", "CVE-2015-7012", "CVE-2015-5810", "CVE-2015-5823", "CVE-2015-5928", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-7011", "CVE-2015-5767"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14700", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14700", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:00", "description": "\r\n\r\nAPPLE-SA-2015-08-13-3 iOS 8.4.1\r\n\r\niOS 8.4.1 is now available and addresses the following:\r\n\r\nAppleFileConduit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A maliciously crafted afc command may allow access to\r\nprotected parts of the filesystem\r\nDescription: An issue existed in the symbolic linking mechanism of\r\nafc. This issue was addressed by adding additional path checks.\r\nCVE-ID\r\nCVE-2015-5746 : evad3rs, TaiG Jailbreak Team\r\n\r\nAir Traffic\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: AirTraffic may have allowed access to protected parts of the\r\nfilesystem\r\nDescription: A path traversal issue existed in asset handling. This\r\nwas addressed with improved validation.\r\nCVE-ID\r\nCVE-2015-5766 : TaiG Jailbreak Team\r\n\r\nBackup\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to create symlinks to\r\nprotected regions of the disk\r\nDescription: An issue existed within the path validation logic for\r\nsymlinks. This issue was addressed through improved path\r\nsanitization.\r\nCVE-ID\r\nCVE-2015-5752 : TaiG Jailbreak Team\r\n\r\nbootp\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious Wi-Fi network may be able to determine networks\r\na device has previously accessed\r\nDescription: Upon connecting to a Wi-Fi network, iOS may have\r\nbroadcast MAC addresses of previously accessed networks via the DNAv4\r\nprotocol. This issue was addressed through disabling DNAv4 on\r\nunencrypted Wi-Fi networks.\r\nCVE-ID\r\nCVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute,\r\nUniversity of Oxford (on the EPSRC Being There project)\r\n\r\nCertificate UI\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may be able\r\nto accept untrusted certificates from the lock screen\r\nDescription: Under certain circumstances, the device may have\r\npresented a certificate trust dialog while in a locked state. This\r\nissue was addressed through improved state management.\r\nCVE-ID\r\nCVE-2015-3756 : Andy Grant of NCC Group\r\n\r\nCloudKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to access the iCloud\r\nuser record of a previously signed in user\r\nDescription: A state inconsistency existed in CloudKit when signing\r\nout users. This issue was addressed through improved state handling.\r\nCVE-ID\r\nCVE-2015-3782 : Deepkanwal Plaha of University of Toronto\r\n\r\nCFPreferences\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious app may be able to read other apps' managed\r\npreferences\r\nDescription: An issue existed in the third-party app sandbox. This\r\nissue was addressed by improving the third-party sandbox profile.\r\nCVE-ID\r\nCVE-2015-3793 : Andreas Weinlein of the Appthority Mobility Threat\r\nTeam\r\n\r\nCode Signing\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute unsigned code\r\nDescription: An issue existed that allowed unsigned code to be\r\nappended to signed code in a specially crafted executable file. This\r\nissue was addressed through improved code signature validation.\r\nCVE-ID\r\nCVE-2015-3806 : TaiG Jailbreak Team\r\n\r\nCode Signing\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A specially crafted executable file could allow unsigned,\r\nmalicious code to execute\r\nDescription: An issue existed in the way multi-architecture\r\nexecutable files were evaluated that could have allowed unsigned code\r\nto be executed. This issue was addressed through improved validation\r\nof executable files.\r\nCVE-ID\r\nCVE-2015-3803 : TaiG Jailbreak Team\r\n\r\nCode Signing\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute unsigned code\r\nDescription: A validation issue existed in the handling of Mach-O\r\nfiles. This was addressed by adding additional checks.\r\nCVE-ID\r\nCVE-2015-3802 : TaiG Jailbreak Team\r\nCVE-2015-3805 : TaiG Jailbreak Team\r\n\r\nCoreMedia Playback\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in CoreMedia\r\nPlayback. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5777 : Apple\r\nCVE-2015-5778 : Apple\r\n\r\nCoreText\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nDiskImages\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted DMG file may lead to an\r\nunexpected application termination or arbitrary code execution with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in parsing of\r\nmalformed DMG images. This issue was addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team\r\n\r\nFontParser\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-3804 : Apple\r\nCVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-5775 : Apple\r\n\r\nImageIO\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted .tiff file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\n.tiff files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5758 : Apple\r\n\r\nImageIO\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may result in the\r\ndisclosure of process memory\r\nDescription: An uninitialized memory access issue existed in\r\nImageIO's handling of PNG images. Visiting a malicious website may\r\nresult in sending data from process memory to the website. This issue\r\nwas addressed through improved memory initialization and additional\r\nvalidation of PNG images.\r\nCVE-ID\r\nCVE-2015-5781 : Michal Zalewski\r\n\r\nImageIO\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may result in the\r\ndisclosure of process memory\r\nDescription: An uninitialized memory access issue existed in\r\nImageIO's handling of TIFF images. Visiting a malicious website may\r\nresult in sending data from process memory to the website. This issue\r\nis addressed through improved memory initialization and additional\r\nvalidation of TIFF images.\r\nCVE-ID\r\nCVE-2015-5782 : Michal Zalewski\r\n\r\nIOKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Parsing a maliciously crafted plist may lead to an\r\nunexpected application termination or arbitrary code execution with\r\nsystem privileges\r\nDescription: A memory corruption existed in processing of malformed\r\nplists. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein\r\n(@jollyjinx) of Jinx Germany\r\n\r\nIOHIDFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5774 : TaiG Jailbreak Team\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in the mach_port_space_info interface,\r\nwhich could have led to the disclosure of kernel memory layout. This\r\nwas addressed by disabling the mach_port_space_info interface.\r\nCVE-ID\r\nCVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team,\r\n@PanguTeam\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: An integer overflow existed in the handling of IOKit\r\nfunctions. This issue was addressed through improved validation of\r\nIOKit API arguments.\r\nCVE-ID\r\nCVE-2015-3768 : Ilja van Sprundel\r\n\r\nLibc\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted regular expression may lead\r\nto an unexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the TRE library.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3796 : Ian Beer of Google Project Zero\r\nCVE-2015-3797 : Ian Beer of Google Project Zero\r\nCVE-2015-3798 : Ian Beer of Google Project Zero\r\n\r\nLibinfo\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A remote attacker may be able to cause unexpected\r\napplication termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in handling AF_INET6\r\nsockets. This issue was addressed by improved memory handling.\r\nCVE-ID\r\nCVE-2015-5776 : Apple\r\n\r\nlibpthread\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in handling syscalls.\r\nThis issue was addressed through improved lock state checking.\r\nCVE-ID\r\nCVE-2015-5757 : Lufeng Li of Qihoo 360\r\n\r\nlibxml2\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Parsing a maliciously crafted XML document may lead to\r\ndisclosure of user information\r\nDescription: A memory corruption issue existed in parsing of XML\r\nfiles. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3807 : Michal Zalewski\r\n\r\nlibxml2\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities existed in libxml2 versions prior\r\nto 2.9.2, the most serious of which may allow a remote attacker to\r\ncause a denial of service\r\nDescription: Multiple vulnerabilities existed in libxml2 versions\r\nprior to 2.9.2. These were addressed by updating libxml2 to version\r\n2.9.2.\r\nCVE-ID\r\nCVE-2012-6685 : Felix Groebert of Google\r\nCVE-2014-0191 : Felix Groebert of Google\r\nCVE-2014-3660 : Felix Groebert of Google\r\n\r\nlibxpc\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in handling of\r\nmalformed XPC messages. This issue was improved through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-3795 : Mathew Rowley\r\n\r\nLocation Framework\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to modify protected parts of the\r\nfilesystem\r\nDescription: A symbolic link issue was addressed through improved\r\npath validation.\r\nCVE-ID\r\nCVE-2015-3759 : Cererdlong of Alibaba Mobile Security Team\r\n\r\nMobileInstallation\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious enterprise application may be able to replace\r\nextensions for other apps\r\nDescription: An issue existed in the install logic for universal\r\nprovisioning profile apps, which allowed a collision to occur with\r\nexisting bundle IDs. This issue was addressed through improved bundle\r\nID validation.\r\nCVE-ID\r\nCVE-2015-5770 : FireEye\r\n\r\nMSVDX Driver\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a malicious video may lead to a unexpected system\r\ntermination\r\nDescription: A denial of service issue was addressed through\r\nimproved memory handling.\r\nCVE-ID\r\nCVE-2015-5769 : Proteas of Qihoo 360 Nirvan Team\r\n\r\nOffice Viewer\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Parsing a maliciously crafted XML file may lead to\r\ndisclosure of user information\r\nDescription: An external entity reference issue existed in XML file\r\nparsing. This issue was addressed through improved parsing.\r\nCVE-ID\r\nCVE-2015-3784 : Bruno Morisson of INTEGRITY S.A.\r\n\r\nQL Office\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Parsing a maliciously crafted office document may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in parsing of office\r\ndocuments. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5773 : Apple\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: A malicious website could open another site and prompt\r\nfor user input without a way for the user to tell where the prompt\r\noriginated. The issue was addressed by displaying the prompt's origin\r\nto the user.\r\nCVE-ID\r\nCVE-2015-3729 : Code Audit Labs of VulnHunt.com\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may trigger an infinite number of alert\r\nmessages\r\nDescription: An issue existed where a malicious or hacked website\r\ncould show infinite alert messages and make users believe their\r\nbrowser was locked. The issue was addressed through throttling of\r\nJavaScript alerts.\r\nCVE-ID\r\nCVE-2015-3763\r\n\r\nSandbox_profiles\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An malicious app may be able to read other apps' managed\r\npreferences\r\nDescription: An issue existed in the third-party app sandbox. This\r\nissue was addressed by improving the third-party sandbox profile.\r\nCVE-ID\r\nCVE-2015-5749 : Andreas Weinlein of the Appthority Mobility Threat\r\nTeam\r\n\r\nUIKit WebView\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to initiate FaceTime\r\ncalls without user authorization\r\nDescription: An issue existed in the parsing of FaceTime URLs within\r\nWebViews. This issue was addressed through improved URL validation.\r\nCVE-ID\r\nCVE-2015-3758 : Brian Simmons of Salesforce, Guillaume Ross\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3730 : Apple\r\nCVE-2015-3731 : Apple\r\nCVE-2015-3732 : Apple\r\nCVE-2015-3733 : Apple\r\nCVE-2015-3734 : Apple\r\nCVE-2015-3735 : Apple\r\nCVE-2015-3736 : Apple\r\nCVE-2015-3737 : Apple\r\nCVE-2015-3738 : Apple\r\nCVE-2015-3739 : Apple\r\nCVE-2015-3740 : Apple\r\nCVE-2015-3741 : Apple\r\nCVE-2015-3742 : Apple\r\nCVE-2015-3743 : Apple\r\nCVE-2015-3744 : Apple\r\nCVE-2015-3745 : Apple\r\nCVE-2015-3746 : Apple\r\nCVE-2015-3747 : Apple\r\nCVE-2015-3748 : Apple\r\nCVE-2015-3749 : Apple\r\n\r\nWeb\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Navigating to a malformed URL may have allowed a\r\nmalicious website to display an arbitrary URL. This issue was\r\naddressed through improved URL handling.\r\nCVE-ID\r\nCVE-2015-3755 : xisigr of Tencent's Xuanwu Lab\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may exfiltrate image data cross-origin\r\nDescription: Images fetched through URLs that redirected to a\r\ndata:image resource could have been exfiltrated cross-origin. This\r\nissue was addressed through improved canvas taint tracking.\r\nCVE-ID\r\nCVE-2015-3753 : Antonio Sanso and Damien Antipa of Adobe\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website can trigger plaintext requests to an\r\norigin under HTTP Strict Transport Security\r\nDescription: An issue existed where Content Security Policy report\r\nrequests would not honor HTTP Strict Transport Security (HSTS). The\r\nissue was addressed by applying HSTS to CSP.\r\nCVE-ID\r\nCVE-2015-3750 : Muneaki Nishimura (nishimunea)\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website can make a tap event produce a synthetic\r\nclick on another page\r\nDescription: An issue existed in how synthetic clicks are generated\r\nfrom tap events that could cause clicks to target other pages. The\r\nissue was addressed through restricted click propagation.\r\nCVE-ID\r\nCVE-2015-5759 : Phillip Moon and Matt Weston of Sandfield\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Content Security Policy report requests may leak cookies\r\nDescription: Two issues existed in how cookies were added to Content\r\nSecurity Policy report requests. Cookies were sent in cross-origin\r\nreport requests in violation of the standard. Cookies set during\r\nregular browsing were sent in private browsing. These issues were\r\naddressed through improved cookie handling.\r\nCVE-ID\r\nCVE-2015-3752 : Muneaki Nishimura (nishimunea)\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Image loading may violate a website's Content Security\r\nPolicy directive\r\nDescription: An issue existed where websites with video controls\r\nwould load images nested in object elements in violation of the\r\nwebsite's Content Security Policy directive. This issue was addressed\r\nthrough improved Content Security Policy enforcement.\r\nCVE-ID\r\nCVE-2015-3751 : Muneaki Nishimura (nishimunea)\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "8.4.1".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-08-17T00:00:00", "title": "APPLE-SA-2015-08-13-3 iOS 8.4.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3758", "CVE-2015-3733", "CVE-2015-3776", "CVE-2015-3736", "CVE-2015-3802", "CVE-2015-3797", "CVE-2014-0191", "CVE-2015-5752", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-3731", "CVE-2015-3778", "CVE-2015-3752", "CVE-2015-3732", "CVE-2015-5776", "CVE-2015-3766", "CVE-2015-3798", "CVE-2015-3738", "CVE-2015-5777", "CVE-2015-5759", "CVE-2015-3740", "CVE-2015-3782", "CVE-2015-3739", "CVE-2015-3784", "CVE-2015-3743", "CVE-2015-3768", "CVE-2015-3747", "CVE-2015-5781", "CVE-2015-5749", "CVE-2015-3805", "CVE-2015-5774", "CVE-2015-3730", "CVE-2015-3803", "CVE-2015-3750", "CVE-2015-3795", "CVE-2015-3755", "CVE-2015-5766", "CVE-2015-5746", "CVE-2015-5761", "CVE-2015-3753", "CVE-2015-5773", "CVE-2015-3800", "CVE-2015-3807", "CVE-2015-5756", "CVE-2014-3660", "CVE-2015-3749", "CVE-2015-3742", "CVE-2012-6685", "CVE-2015-3748", "CVE-2015-5775", "CVE-2015-3759", "CVE-2015-3746", "CVE-2015-5770", "CVE-2015-3793", "CVE-2015-5755", "CVE-2015-3756", "CVE-2015-5758", "CVE-2015-3763", "CVE-2015-3804", "CVE-2015-3741", "CVE-2015-3751", "CVE-2015-5782", "CVE-2015-5778", "CVE-2015-3745", "CVE-2015-3735", "CVE-2015-5757", "CVE-2015-3796", "CVE-2015-3806", "CVE-2015-3737", "CVE-2015-5769", "CVE-2015-3729"], "modified": "2015-08-17T00:00:00", "id": "SECURITYVULNS:DOC:32392", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32392", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:47:15", "description": "Over 70 of different vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2015-08-17T00:00:00", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-3758", "CVE-2015-3733", "CVE-2015-3776", "CVE-2015-3736", "CVE-2015-3802", "CVE-2015-3797", "CVE-2014-0191", "CVE-2015-5752", "CVE-2015-3744", "CVE-2015-3734", "CVE-2015-3731", "CVE-2015-3778", "CVE-2015-3752", "CVE-2015-3732", "CVE-2015-5776", "CVE-2015-3766", "CVE-2015-3798", "CVE-2015-3738", "CVE-2015-5777", "CVE-2015-5759", "CVE-2015-3740", "CVE-2015-3782", "CVE-2015-3739", "CVE-2015-3784", "CVE-2015-3743", "CVE-2015-3768", "CVE-2015-3747", "CVE-2015-5781", "CVE-2015-5749", "CVE-2015-3805", "CVE-2015-5774", "CVE-2015-3730", "CVE-2015-3803", "CVE-2015-3750", "CVE-2015-3795", "CVE-2015-3755", "CVE-2015-5766", "CVE-2015-5746", "CVE-2015-5761", "CVE-2015-3753", "CVE-2015-5773", "CVE-2015-3800", "CVE-2015-3807", "CVE-2015-5756", "CVE-2014-3660", "CVE-2015-3749", "CVE-2015-3742", "CVE-2012-6685", "CVE-2015-3748", "CVE-2015-5775", "CVE-2015-3759", "CVE-2015-3746", "CVE-2015-5770", "CVE-2015-3793", "CVE-2015-5755", "CVE-2015-3756", "CVE-2015-5758", "CVE-2015-3763", "CVE-2015-3804", "CVE-2015-3741", "CVE-2015-3751", "CVE-2015-5782", "CVE-2015-5778", "CVE-2015-3745", "CVE-2015-3735", "CVE-2015-5757", "CVE-2015-3796", "CVE-2015-3806", "CVE-2015-3737", "CVE-2015-5769", "CVE-2015-3729"], "modified": "2015-08-17T00:00:00", "id": "SECURITYVULNS:VULN:14631", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14631", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:01", "description": "\r\n\r\nAPPLE-SA-2015-09-30-2 Safari 9\r\n\r\nSafari 9 is now available and addresses the following:\r\n\r\nSafari\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Multiple user interface inconsistencies may have\r\nallowed a malicious website to display an arbitrary URL. These issues\r\nwere addressed through improved URL display logic.\r\nCVE-ID\r\nCVE-2015-5764 : Antonio Sanso (@asanso) of Adobe\r\nCVE-2015-5765 : Ron Masas\r\nCVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa\r\n\r\nSafari Downloads\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: LaunchServices' quarantine history may reveal browsing\r\nhistory\r\nDescription: Access to LaunchServices' quarantine history may have\r\nrevealed browsing history based on file downloads. This issue was\r\naddressed through improved deletion of quarantine history.\r\n\r\nSafari Extensions\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Local communication between Safari extensions and companion\r\napps may be compromised\r\nDescription: The local communication between Safari extensions such\r\nas password managers and their native companion apps could be\r\ncomprised by another native app. This issue was addressed through a\r\nnew, authenticated communications channel between Safari extensions\r\nand companion apps.\r\n\r\nSafari Extensions\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Safari extensions may be replaced on disk\r\nDescription: A validated, user-installed Safari extension could be\r\nreplaced on disk without prompting the user. This issue was addressed\r\nby improved validation of extensions.\r\nCVE-ID\r\nCVE-2015-5780 : Ben Toms of macmule.com\r\n\r\nSafari Safe Browsing\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Navigating to the IP address of a known malicious website\r\nmay not trigger a security warning\r\nDescription: Safari's Safe Browsing feature did not warn users when\r\nvisiting known malicious websites by their IP addresses. The issue\r\nwas addressed through improved malicious site detection.\r\nRahul M (@rahulmfg) of TagsDock\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Partially loaded images may exfiltrate data across origins\r\nDescription: A race condition existed in validation of image\r\norigins. This issue was addressed by improved validation of resource\r\norigins.\r\nCVE-ID\r\nCVE-2015-5788 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5798 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5808 : Joe Vennix\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5815 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: An attacker may be able to create unintended cookies for a\r\nwebsite\r\nDescription: WebKit would accept multiple cookies to be set in the\r\ndocument.cookie API. This issue was addressed through improved\r\nparsing.\r\nCVE-ID\r\nCVE-2015-3801 : Erling Ellingsen of Facebook\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: The Performance API may allow a malicious website to leak\r\nbrowsing history, network activity, and mouse movements\r\nDescription: WebKit's Performance API could have allowed a malicious\r\nwebsite to leak browsing history, network activity, and mouse\r\nmovements by measuring time. This issue was addressed by limiting\r\ntime resolution.\r\nCVE-ID\r\nCVE-2015-5825 : Yossi Oren et al. of Columbia University's Network\r\nSecurity Lab\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Visiting a malicious website may lead to unintended dialing\r\nDescription: An issue existed in handling of tel://, facetime://,\r\nand facetime-audio:// URLs. This issue was addressed through improved\r\nURL handling.\r\nCVE-ID\r\nCVE-2015-5820 : Guillaume Ross, Andrei Neculaesei\r\n\r\nWebKit CSS\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: A malicious website may exfiltrate data cross-origin\r\nDescription: Safari allowed cross-origin stylesheets to be loaded\r\nwith non-CSS MIME types which could be used for cross-origin data\r\nexfiltration. This issue was addressed by limiting MIME types for\r\ncross-origin stylesheets.\r\nCVE-ID\r\nCVE-2015-5826 : filedescriptior, Chris Evans\r\n\r\nWebKit JavaScript Bindings\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Object references may be leaked between isolated origins on\r\ncustom events, message events and pop state events\r\nDescription: An object leak issue broke the isolation boundary\r\nbetween origins. This issue was addressed through improved isolation\r\nbetween origins.\r\nCVE-ID\r\nCVE-2015-5827 : Gildas\r\n\r\nWebKit Page Loading\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: WebSockets may bypass mixed content policy enforcement\r\nDescription: An insufficient policy enforcement issue allowed\r\nWebSockets to load mixed content. This issue was addressed by\r\nextending mixed content policy enforcement to WebSockets.\r\nKevin G Jones of Higher Logic\r\n\r\nWebKit Plug-ins\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.5 and OS X El Capitan v10.11\r\nImpact: Safari plugins may send an HTTP request without knowing the\r\nrequest was redirected\r\nDescription: The Safari plugins API did not communicate to plugins\r\nthat a server-side redirect had happened. This could lead to\r\nunauthorized requests. This issue was addressed through improved API\r\nsupport.\r\nCVE-ID\r\nCVE-2015-5828 : Lorenzo Fontana\r\n\r\nSafari 9 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-05T00:00:00", "title": "APPLE-SA-2015-09-30-2 Safari 9", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-5825", "CVE-2015-5798", "CVE-2015-5796", "CVE-2015-5808", "CVE-2015-5812", "CVE-2015-5788", "CVE-2015-5805", "CVE-2015-5828", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-5807", "CVE-2015-5801", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5789", "CVE-2015-5765", "CVE-2015-5780", "CVE-2015-5813", "CVE-2015-5764", "CVE-2015-5821", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-5826", "CVE-2015-5820", "CVE-2015-5815", "CVE-2015-3801", "CVE-2015-5810", "CVE-2015-5823", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-5767"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32519", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32519", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:47:16", "description": "Restrictions bypass, privilege escalation, headers spoofing, XXE, memory corruptions, information disclosure, DoS, traffic hijacking.", "edition": 2, "cvss3": {}, "published": "2015-04-17T00:00:00", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1106", "CVE-2015-1072", "CVE-2015-1078", "CVE-2015-1117", "CVE-2015-1102", "CVE-2015-1096", "CVE-2015-1111", "CVE-2015-1085", "CVE-2015-1094", "CVE-2015-1108", "CVE-2015-1112", "CVE-2015-1114", "CVE-2015-1092", "CVE-2015-1073", "CVE-2015-1122", "CVE-2015-1126", "CVE-2015-1091", "CVE-2015-1079", "CVE-2015-1071", "CVE-2015-1087", "CVE-2015-1113", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1124", "CVE-2015-1093", "CVE-2015-1125", "CVE-2015-1090", "CVE-2015-1110", "CVE-2015-1120", "CVE-2015-1070", "CVE-2015-1116", "CVE-2015-1077", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1107", "CVE-2015-1118", "CVE-2015-1097", "CVE-2015-1101", "CVE-2015-1084", "CVE-2015-1083", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1089", "CVE-2015-1121", "CVE-2015-1082", "CVE-2015-1086", "CVE-2015-1081", "CVE-2015-1119", "CVE-2015-1109", "CVE-2015-1088", "CVE-2015-1069", "CVE-2015-1123", "CVE-2015-1115", "CVE-2015-1095", "CVE-2015-1098", "CVE-2015-1100", "CVE-2015-1080"], "modified": "2015-04-17T00:00:00", "id": "SECURITYVULNS:VULN:14402", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14402", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2015-04-08-3 iOS 8.3\r\n\r\niOS 8.3 is now available and addresses the following:\r\n\r\nAppleKeyStore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to guess the user's\r\npasscode\r\nDescription: iOS allowed access to an interface which allowed\r\nattempts to confirm the user's passcode. This issue was addressed\r\nwith improved entitlement checking.\r\nCVE-ID\r\nCVE-2015-1085\r\n\r\nAudio Drivers\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A validation issue existed in IOKit objects used by an\r\naudio driver. This issue was addressed through improved validation of\r\nmetadata.\r\nCVE-ID\r\nCVE-2015-1086\r\n\r\nBackup\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to use the backup system to access\r\nrestricted areas of the file system\r\nDescription: An issue existed in the relative path evaluation logic\r\nof the backup system. This issues was addressed through improved path\r\nevaluation.\r\nCVE-ID\r\nCVE-2015-1087 : TaiG Jailbreak Team\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT204132\r\n\r\nCFNetwork\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Cookies belonging to one origin may be sent to another\r\norigin\r\nDescription: A cross-domain cookie issue existed in redirect\r\nhandling. Cookies set in a redirect response could be passed on to a\r\nredirect target belonging to another origin. The issue was address\r\nthrough improved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1089 : Niklas Keller\r\n\r\nCFNetwork\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A user may be unable to fully delete browsing history\r\nDescription: Clearing Safari's history did not clear saved HTTP\r\nStrict Transport Security state. The issue was addressed through\r\nimproved data deletion.\r\nCVE-ID\r\nCVE-2015-1090\r\n\r\nCFNetwork Session\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Authentication credentials may be sent to a server on\r\nanother origin\r\nDescription: A cross-domain HTTP request headers issue existed in\r\nredirect handling. HTTP request headers sent in a redirect response\r\ncould be passed on to another origin. The issue was addressed through\r\nimproved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1091 : Diego Torres (http://dtorres.me)\r\n\r\nCFURL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: An input validation issue existed within URL\r\nprocessing. This issue was addressed through improved URL validation.\r\nCVE-ID\r\nCVE-2015-1088\r\n\r\nFoundation\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An application using NSXMLParser may be misused to disclose\r\ninformation\r\nDescription: An XML External Entity issue existed in NSXMLParser's\r\nhandling of XML. This issue was addressed by not loading external\r\nentities across origins.\r\nCVE-ID\r\nCVE-2015-1092 : Ikuya Fukumoto\r\n\r\nFontParser\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of font files. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1093 : Marc Schoenefeld\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in IOAcceleratorFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed by\r\nremoving unneeded code.\r\nCVE-ID\r\nCVE-2015-1094 : Cererdlong of Alibaba Mobile Security Team\r\n\r\nIOHIDFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious HID device may be able to cause arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in an IOHIDFamily\r\nAPI. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1095 : Andrew Church\r\n\r\nIOHIDFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in IOHIDFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1096 : Ilja van Sprundel of IOActive\r\n\r\nIOMobileFramebuffer\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in MobileFrameBuffer that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1097 : Barak Gabai of the IBM X-Force Application Security\r\nResearch Team\r\n\r\niWork Viewer\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Opening a maliciously crafted iWork file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\niWork files. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-1098 : Christopher Hickstein\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to cause a system denial\r\nof service\r\nDescription: A race condition existed in the kernel's setreuid\r\nsystem call. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1099 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may escalate privileges using a\r\ncompromised service intended to run with reduced privileges\r\nDescription: setreuid and setregid system calls failed to drop\r\nprivileges permanently. This issue was addressed by correctly\r\ndropping privileges.\r\nCVE-ID\r\nCVE-2015-1117 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to cause unexpected\r\nsystem termination or read kernel memory\r\nDescription: A out of bounds memory access issue existed in the\r\nkernel. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1100 : Maxime Villard of m00nbsd\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1101 : lokihardt@ASRT working with HP's Zero Day Initiative\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may be able\r\nto cause a denial of service\r\nDescription: A state inconsistency existed in the processing of TCP\r\nheaders. This issue was addressed through improved state handling.\r\nCVE-ID\r\nCVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may be able\r\nto redirect user traffic to arbitrary hosts\r\nDescription: ICMP redirects were enabled by default on iOS. This\r\nissue was addressed by disabling ICMP redirects.\r\nCVE-ID\r\nCVE-2015-1103 : Zimperium Mobile Security Labs\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A remote attacker may be able to bypass network filters\r\nDescription: The system would treat some IPv6 packets from remote\r\nnetwork interfaces as local packets. The issue was addressed by\r\nrejecting these packets.\r\nCVE-ID\r\nCVE-2015-1104 : Stephen Roettger of the Google Security Team\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A remote attacker may be able to cause a denial of service\r\nDescription: A state inconsistency issue existed in the handling of\r\nTCP out of band data. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1105 : Kenton Varda of Sandstorm.io\r\n\r\nKeyboards\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: QuickType could learn users' passcodes\r\nDescription: When using Bluetooth keyboards, QuickType could learn\r\nusers' passcodes. This issue was addressed by preventing QuickType\r\nfrom being displayed on the lockscreen.\r\nCVE-ID\r\nCVE-2015-1106 : Jarrod Dwenger, Steve Favorito, Paul Reedy of\r\nConocoPhillips, Pedro Tavares of Molecular Biophysics at\r\nUCIBIO/FCT/UNL, De Paul Sunny, Christian Still of Evolve Media,\r\nCanada\r\n\r\nlibnetcore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted configuration profile may\r\nlead to unexpected application termination\r\nDescription: A memory corruption issue existed in the handling of\r\nconfiguration profiles. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of\r\nFireEye, Inc.\r\n\r\nLock Screen\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in possession of a device may prevent erasing\r\nthe device after failed passcode attempts\r\nDescription: In some circumstances, a device might not erase itself\r\nafter failed passcode attempts. This issue was addressed through\r\nadditional enforcement of erasure.\r\nCVE-ID\r\nCVE-2015-1107 : Brent Erickson, Stuart Ryan of University of\r\nTechnology, Sydney\r\n\r\nLock Screen\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in possession of a device may exceed the maximum\r\nnumber of failed passcode attempts\r\nDescription: In some circumstances, the failed passcode attempt\r\nlimit was not enforced. This issue was addressed through additional\r\nenforcement of this limit.\r\nCVE-ID\r\nCVE-2015-1108\r\n\r\nNetworkExtension\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in possession of a device may be able to recover\r\nVPN credentials\r\nDescription: An issue existed in the handling of VPN configuration\r\nlogs. This issue was addressed by removing logging of credentials.\r\nCVE-ID\r\nCVE-2015-1109 : Josh Tway of IPVanish\r\n\r\nPodcasts\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Unnecessary information may be sent to external servers when\r\ndownloading podcast assets\r\nDescription: When downloading assets for podcast a user was\r\nsubscribed to, unique identifiers were sent to external servers. This\r\nissue was resolved by removing these identifiers.\r\nCVE-ID\r\nCVE-2015-1110 : Alex Selivanov\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A user may be unable to fully delete browsing history\r\nDescription: Clearing Safari's history did not clear "Recently\r\nclosed tabs". The issue was addressed through improved data deletion.\r\nCVE-ID\r\nCVE-2015-1111 : Frode Moe of LastFriday.no\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Users' browsing history may not be completely purged\r\nDescription: A state management issue existed in Safari that\r\nresulted in users' browsing history not being purged from\r\nhistory.plist. This issue was addressed by improved state management.\r\nCVE-ID\r\nCVE-2015-1112 : William Breuer, The Netherlands\r\n\r\nSandbox Profiles\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to access phone numbers\r\nor email addresses of recent contacts\r\nDescription: An information disclosure issue existed in the third-\r\nparty app sandbox. This issue was addressed by improving the sandbox\r\nprofile.\r\nCVE-ID\r\nCVE-2015-1113 : Andreas Kurtz of NESO Security Labs, Markus TroBbach\r\nof Heilbronn University\r\n\r\nSandbox Profiles\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Hardware identifiers may be accessible by third-party apps\r\nDescription: An information disclosure issue existed in the third-\r\nparty app sandbox. This issue was addressed by improving the sandbox\r\nprofile.\r\nCVE-ID\r\nCVE-2015-1114\r\n\r\nTelephony\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to access restricted\r\ntelephony functions\r\nDescription: An access control issue existed in the telephony\r\nsubsystem. Sandboxed apps could access restricted telephony\r\nfunctions. This issue was addressed with improved entitlement\r\nchecking.\r\nCVE-ID\r\nCVE-2015-1115 : Andreas Kurtz of NESO Security Labs, Markus TroBbach\r\nof Heilbronn University\r\n\r\nUIKit View\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Sensitive data may be exposed in application snapshots\r\npresented in the Task Switcher\r\nDescription: An issue existed in UIKit, which did not blur\r\napplication snapshots containing sensitive data in the Task Switcher.\r\nThis issue was addressed by correctly blurring the snapshot.\r\nCVE-ID\r\nCVE-2015-1116 : The mobile app team at HP Security Voltage, Aaron\r\nRogers of Mint.com, David Edwards of Tech4Tomorrow, David Zhang of\r\nDropbox\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Inconsistent user interface may prevent users from\r\ndiscerning a phishing attack\r\nDescription: A user interface inconsistency existed in Safari that\r\nallowed an attacker to misrepresent the URL. This issue was addressed\r\nthrough improved user interface consistency checks.\r\nCVE-ID\r\nCVE-2015-1084 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1068 : Apple\r\nCVE-2015-1069 : lokihardt@ASRT working with HP's Zero Day Initiative\r\nCVE-2015-1070 : Apple\r\nCVE-2015-1071 : Apple\r\nCVE-2015-1072\r\nCVE-2015-1073 : Apple\r\nCVE-2015-1074 : Apple\r\nCVE-2015-1076\r\nCVE-2015-1077 : Apple\r\nCVE-2015-1078 : Apple\r\nCVE-2015-1079 : Apple\r\nCVE-2015-1080 : Apple\r\nCVE-2015-1081 : Apple\r\nCVE-2015-1082 : Apple\r\nCVE-2015-1083 : Apple\r\nCVE-2015-1119 : Renata Hodovan of University of Szeged / Samsung\r\nElectronics\r\nCVE-2015-1120 : Apple\r\nCVE-2015-1121 : Apple\r\nCVE-2015-1122 : Apple\r\nCVE-2015-1123 : Randy Luecke and Anoop Menon of Google Inc.\r\nCVE-2015-1124 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to a user\r\ninvoking a click on another website\r\nDescription: An issue existed when handling touch events. A tap\r\ncould propagate to another website. The issue was addressed through\r\nimproved event handling.\r\nCVE-ID\r\nCVE-2015-1125 : Phillip Moon and Matt Weston of www.sandfield.co.nz\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to resources\r\nof another origin being accessed\r\nDescription: An issue existed in WebKit when handling credentials in\r\nFTP URLs. This issue was address through improved decoding.\r\nCVE-ID\r\nCVE-2015-1126 : Jouko Pynnonen of Klikki Oy\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "8.3".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJVJKl9AAoJEBcWfLTuOo7tJSQQAISlSqHZbMZOKrc6qCQ3E+Yn\r\nROyg7duvjIiaOHEiromwOpXjINbRTlhV5I6cseJrZOa7oLhgtIFes7wCo2rj/IjK\r\npTv3GMc84r7gPY38JE6//rU6Ni9YCuSKt69iOpF2RmKCLrrhjyP/igY/IKro3ujS\r\nYyDgEEtmBtekU/QbUcZb8qfQ+/E0O6ZwZqvmzlmbcmeqM0/xy/lb8MmPcPwSTCTc\r\noQUj3xF+2OBIyudzQX6PmTFIDQjKYUg2dXEapYhzUhVkaZkdhRsJDaNJR7rlOYhK\r\nZea99fN+wnRr6F6IklXRTUdf4Lwegjs+kBA0HqrsxTX/LORQu98LWWXJ5vcl7OvE\r\nmoZRu46Jw7+AEwC2V3t7Bl6HbeHf3/jtQTV8q7ALdRhOcwgJdQUubRyMl1ZIG0NE\r\nN3M6lxSxlkn5CuPggQcONc1SwkCfplIntxJ8ECDTW/mVc/GrmSN5BH19Lzd3gWFR\r\nvRD5soYzZrTfWaULp+VzepiWz0FpJsJPn/sDQxvZfOzSzIsFKCX3OO671lXC7fV+\r\nQgl5vPXleUGxgScn0jQEDPrXAj6U85xqfXc+aZn8jKpfMthfukKXM8Tazlz2Ywyj\r\ng2EaerJBFCavTPpQpuq0MOL6RYo2PhlC6tkwT25NaG01v/wEfzs75Dgc2Z15QtaH\r\nceXrdFVQDQ9LSl38/qPo\r\n=ifj1\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-04-17T00:00:00", "title": "APPLE-SA-2015-04-08-3 iOS 8.3", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1106", "CVE-2015-1072", "CVE-2015-1078", "CVE-2015-1117", "CVE-2015-1102", "CVE-2015-1096", "CVE-2015-1111", "CVE-2015-1085", "CVE-2015-1094", "CVE-2015-1108", "CVE-2015-1112", "CVE-2015-1114", "CVE-2015-1092", "CVE-2015-1073", "CVE-2015-1122", "CVE-2015-1126", "CVE-2015-1091", "CVE-2015-1079", "CVE-2015-1071", "CVE-2015-1087", "CVE-2015-1113", "CVE-2015-1074", "CVE-2015-1068", "CVE-2015-1076", "CVE-2015-1124", "CVE-2015-1093", "CVE-2015-1125", "CVE-2015-1090", "CVE-2015-1110", "CVE-2015-1120", "CVE-2015-1070", "CVE-2015-1116", "CVE-2015-1077", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1107", "CVE-2015-1118", "CVE-2015-1097", "CVE-2015-1101", "CVE-2015-1084", "CVE-2015-1083", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1089", "CVE-2015-1121", "CVE-2015-1082", "CVE-2015-1086", "CVE-2015-1081", "CVE-2015-1119", "CVE-2015-1109", "CVE-2015-1088", "CVE-2015-1069", "CVE-2015-1123", "CVE-2015-1115", "CVE-2015-1095", "CVE-2015-1098", "CVE-2015-1100", "CVE-2015-1080"], "modified": "2015-04-17T00:00:00", "id": "SECURITYVULNS:DOC:31930", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31930", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:02", "description": "\r\n\r\nAPPLE-SA-2015-10-21-3 Safari 9.0.1\r\n\r\nSafari 9.0.1 is now available and addresses the following:\r\n\r\nWebKit\r\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\r\nand OS X El Capitan v10.11\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5928 : Apple\r\nCVE-2015-5929 : Apple\r\nCVE-2015-5930 : Apple\r\nCVE-2015-5931\r\nCVE-2015-7002 : Apple\r\nCVE-2015-7011 : Apple\r\nCVE-2015-7012 : Apple\r\nCVE-2015-7013 : Apple\r\nCVE-2015-7014\r\n\r\nInstallation note:\r\n\r\nSafari 9.0.1 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-25T00:00:00", "title": "APPLE-SA-2015-10-21-3 Safari 9.0.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-5930", "CVE-2015-7013", "CVE-2015-7002", "CVE-2015-7014", "CVE-2015-5931", "CVE-2015-5929", "CVE-2015-7012", "CVE-2015-5928", "CVE-2015-7011"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:DOC:32565", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32565", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:52", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2939-1 security@debian.org\r\nhttp://www.debian.org/security/ Michael Gilbert\r\nMay 31, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : chromium-browser\r\nCVE ID : CVE-2014-1743 CVE-2014-1744 CVE-2014-1745 CVE-2014-1746 \r\n CVE-2014-1747 CVE-2014-1748 CVE-2014-1749 CVE-2014-3152\r\n\r\nSeveral vulnerabilities were discovered in the chromium web browser.\r\n\r\nCVE-2014-1743\r\n\r\n cloudfuzzer discovered a use-after-free issue in the Blink/Webkit\r\n document object model implementation.\r\n\r\nCVE-2014-1744\r\n\r\n Aaron Staple discovered an integer overflow issue in audio input\r\n handling.\r\n\r\nCVE-2014-1745\r\n\r\n Atte Kettunen discovered a use-after-free issue in the Blink/Webkit\r\n scalable vector graphics implementation. \r\n\r\nCVE-2014-1746\r\n\r\n Holger Fuhrmannek discovered an out-of-bounds read issue in the URL\r\n protocol implementation for handling media.\r\n\r\nCVE-2014-1747\r\n\r\n packagesu discovered a cross-site scripting issue involving\r\n malformed MHTML files.\r\n\r\nCVE-2014-1748\r\n\r\n Jordan Milne discovered a user interface spoofing issue.\r\n\r\nCVE-2014-1749\r\n\r\n The Google Chrome development team discovered and fixed multiple\r\n issues with potential security impact.\r\n\r\nCVE-2014-3152\r\n\r\n An integer underflow issue was discovered in the v8 javascript\r\n library.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 35.0.1916.114-1~deb7u2.\r\n\r\nFor the testing distribution (jessie), these problems will be fixed soon.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 35.0.1916.114-1.\r\n\r\nWe recommend that you upgrade your chromium-browser packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQQcBAEBCgAGBQJTiYO1AAoJELjWss0C1vRz2cMf/ixDiv7EKNOdYllZu0pGCtPu\r\nwQ2G+zBv3EIV4vsmXzhp4sQS2hK2U4FLtCJz8lR3tSjOYkVca4sEAdKIp7kpsVMM\r\nOONydls7xoiJGgUT5DU38SFHXtJ9svhx54ENY+1MY7+DZerfRqTWt7Hl87G2Tw0M\r\nVctpPkY6z93qlREF2RQTnuMYiBzpK5cuwqRbvbgZHODYDoDb1PnIsV+g9kIha4I+\r\nXE4zC2GAsQnf3StxEZXY+SQ/Xoqr+LDaMo1xq2mJ/8X+SERlMPEWOZXtFn4OMO51\r\nC7WO3jwSvZcHqpj/85milzUafkYb/C8URpXb6QdOape5Sga7zTVHHxP06VAcG5Rs\r\n9ZndOqPb6D8dchCBOGdM7cNZ/8vWyn01kT6XgWwySq1EsF1hA6oX9FWtteijpOpX\r\n9SxtDhQTcb/oUKjWYoc7czudBl85y9ZBUVEmh7AoOrsiMbM/TT3p71+z0zAPILV9\r\nksbn5eLgzMY4dXr2CO4FjnCztx6Nq1QSP2sWa7x/bnHHc3KFI7UirlGRpa6Ke417\r\nq0Mj2BnlQCli684dffV66jYUrr/6OamzJr8LzR1iM4/UWRkN5rmm6diSqm0CXPTn\r\nMfo/7Qe8g2gr6jKibb9ZOBy/pmwvLgnslvWpkk8LbvgrNVrizbl6zoWc7B/Gh/Z2\r\nxBXkVEwptEltAeShDBvroAnLFbBlEV6TqncF1+evJKA4c8vcbBkjQMHVJ720V4jE\r\nc9YbQGQnegOLwODHQujYYoQpu4xhBZir/Kzl3dcBLDTLTrb/+MqyGaHyNMl9XU83\r\ndYJGh05pTnvwwsOZzJz7G78ZTWkw5ocpuj6a/lQGTK6nW5XD+UScgV5c1qCxLOw7\r\nfqmYripUx7uFPf7Fz85XZNGVO+GU7rKV7M4np2MzvsGOavo3VJKBnx//vJd3CDsu\r\nR88G0rGFPzKCKjYMMkHjC+A5tls2SHH+nzUm7ZV8gknMGJX7YgvDIg4Tg8qsKLQj\r\nuktm9VDUa3whrT3AdCSjw/Fjr70S/J96ZF59s4qfZmqqNEQ0xs3gYX9is9ufNI+8\r\nfPUHv0bogLmngZjulfulmrsX/Ai5bpnSph2gG6uIks5d82iQrco9cS87/rd1hovK\r\nZNV7jJlQE6t1bB2A8JH/UZn3l+yy/guanKdGwiJOZT4UMqY/hurfZDfFKHIBejZl\r\n03D3Gxd7oGi31nO7EvXGRjLm0xw0dNN+CBzRsxrRu2WPbbWh2OWwr9UrcEF3jdqR\r\n7dBA/UVCEKloOEZuu2H3vrko1mhewy4C7aAvQS2ZWBzUp8weQ9NZl9bR8KimcsSH\r\nxM6qzuZhfH1xY+sYfROnuoyuQK4edf5rssE4jowL3CzHAiFLw8fL9//xlbZRqTw=\r\n=Tlbj\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-06-09T00:00:00", "title": "[SECURITY] [DSA 2939-1] chromium-browser security update", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1747", "CVE-2014-3152", "CVE-2014-1744", "CVE-2014-1743", "CVE-2014-1746", "CVE-2014-1749", "CVE-2014-1745", "CVE-2014-1748"], "modified": "2014-06-09T00:00:00", "id": "SECURITYVULNS:DOC:30793", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30793", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:02", "description": "\r\n\r\nAPPLE-SA-2015-10-21-5 iTunes 12.3.1\r\n\r\niTunes 12.3.1 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may result in unexpected application termination or\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5928 : Apple\r\nCVE-2015-5929 : Apple\r\nCVE-2015-5930 : Apple\r\nCVE-2015-5931\r\nCVE-2015-7002 : Apple\r\nCVE-2015-7011 : Apple\r\nCVE-2015-7012 : Apple\r\nCVE-2015-7013 : Apple\r\nCVE-2015-7014\r\n\r\niTunes\r\nAvailable for: Windows 7 and later\r\nImpact: Applications that use CoreText may be vulnerable to\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of text files. These issues were addressed through\r\nimproved memory handling.\r\nCVE-ID\r\nCVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nInstallation note:\r\n\r\niTunes 12.3.1 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nYou may also update to the latest version of iTunes via Apple\r\nSoftware Update, which can be found in the Start menu.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-25T00:00:00", "title": "APPLE-SA-2015-10-21-5 iTunes 12.3.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-5930", "CVE-2015-7013", "CVE-2015-6975", "CVE-2015-7002", "CVE-2015-7014", "CVE-2015-6992", "CVE-2015-5931", "CVE-2015-5929", "CVE-2015-7012", "CVE-2015-5928", "CVE-2015-7017", "CVE-2015-7011"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:DOC:32567", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32567", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:11:44", "description": "Multiple memory corruptions.", "edition": 2, "cvss3": {}, "published": "2014-12-21T00:00:00", "title": "Apple Safari / Webkit multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-4469", "CVE-2014-4474", "CVE-2014-4475", "CVE-2014-4466", "CVE-2014-4470", "CVE-2014-4452", "CVE-2014-4472", "CVE-2014-4468", "CVE-2014-4473", "CVE-2014-4471", "CVE-2014-4465", "CVE-2014-1748", "CVE-2014-4459"], "modified": "2014-12-21T00:00:00", "id": "SECURITYVULNS:VULN:14148", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14148", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:56", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\nAPPLE-SA-2014-12-3-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 \r\n\r\nSafari 8.0.1, Safari 7.1.1, and Safari 6.2.1 is now available and\r\naddresses the following:\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.1\r\nImpact: Style sheets are loaded cross-origin which may allow for\r\ndata exfiltration\r\nDescription: An SVG loaded in an img element could load a CSS file\r\ncross-origin. This issue was addressed through enhanced blocking of\r\nexternal CSS references in SVGs.\r\nCVE-ID\r\nCVE-2014-4465 : Rennie deGraaf of iSEC Partners\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.1\r\nImpact: Visiting a website that frames malicious content may lead to\r\nUI spoofing\r\nDescription: A UI spoofing issue existed in the handling of\r\nscrollbar boundaries. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2014-1748 : Jordan Milne\r\n\r\nWebKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10.1\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2014-4452\r\nCVE-2014-4459\r\nCVE-2014-4466 : Apple\r\nCVE-2014-4468 : Apple\r\nCVE-2014-4469 : Apple\r\nCVE-2014-4470 : Apple\r\nCVE-2014-4471 : Apple\r\nCVE-2014-4472 : Apple\r\nCVE-2014-4473 : Apple\r\nCVE-2014-4474 : Apple\r\nCVE-2014-4475 : Apple\r\n\r\n\r\nSafari 8.0.1, Safari 7.1.1, and Safari 6.2.1 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - https://gpgtools.org\r\n\r\niQIcBAEBCgAGBQJUfjjSAAoJEBcWfLTuOo7t1PsP/j0H8iRJiPtYVwRly6mxyDrv\r\n4Ji7sopCSNa96qcqn9jILbFTkthqaXE/vew2UdJgO5CSXqxcF50I9bUkPJyJBq4j\r\nqGEu8a54pMteNSCtox1mwzZu8tcOArc//oQhMPhqSRkEvjVv2bsJdQ9bmc1QqHhP\r\nHkJBN/HO8w5RvZ6o5PiitnOOwVOu2sEX80mI7eYKmRjl7AWMzVE6sER1boL+EyCW\r\n4F5s9610J7KjpWh2QewhhefYPootah9JCKoybTrrba+hBESYtHuRwTTkay7cgMkd\r\nJ+a4xdjngl/ySFqOH7IhnnUD8Cs5UelHk7HlwqoGTxsaRjKnWlZ+1PqtE5buN7v+\r\nSeZeYqeWwSJEeDis55dMIHuKmYl3XsAHU7405A8AW27YLh+ABrnZNctebHub3bJ8\r\nBayfF1h1AHh1UohXnz7u6o9LKavmKzy1VoUiTBKbon+4mBILuj9MlJVXxCIq/8Sl\r\nkmxKlE969d1Ij/6LeNKb/BZ9SYoEOdkgZdqO5BNNtsBgE17xm5yGuJeZyour5hSM\r\n8a9FwRf9QjKD/xodIP0VtB/c53eUe1DRJNgwXkmC4K+7nslBexmzDOxs2bG2LXOU\r\nz0aExXx0goTI5K14PRFE+hLVDOw0jNjp7K2EQAKSK9oKF1sR/tk2nqO/AduSArbe\r\nbftlUMkfPwAuqhtNajQZ\r\n=S2wI\r\n-----END PGP SIGNATURE\u2014\u2014\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-12-11T00:00:00", "title": "APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-4469", "CVE-2014-4474", "CVE-2014-4475", "CVE-2014-4466", "CVE-2014-4470", "CVE-2014-4452", "CVE-2014-4472", "CVE-2014-4468", "CVE-2014-4473", "CVE-2014-4471", "CVE-2014-4465", "CVE-2014-1748", "CVE-2014-4459"], "modified": "2014-12-11T00:00:00", "id": "SECURITYVULNS:DOC:31492", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31492", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:01", "description": "\r\n\r\nAPPLE-SA-2015-09-16-1 iOS 9\r\n\r\niOS 9 is now available and addresses the following:\r\n\r\nApple Pay\r\nAvailable for: iPhone 6, iPad mini 3, and iPad Air 2\r\nImpact: Some cards may allow a terminal to retrieve limited recent\r\ntransaction information when making a payment\r\nDescription: The transaction log functionality was enabled in\r\ncertain configurations. This issue was addressed by removing the\r\ntransaction log functionality.\r\nCVE-ID\r\nCVE-2015-5916\r\n\r\nAppleKeyStore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to reset failed passcode\r\nattempts with an iOS backup\r\nDescription: An issue existed in resetting failed passcode attempts\r\nwith a backup of the iOS device. This was addressed through improved\r\npasscode failure logic.\r\nCVE-ID\r\nCVE-2015-5850 : an anonymous researcher\r\n\r\nApplication Store\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Clicking a malicious ITMS link may lead to a denial of\r\nservice in an enterprise-signed application\r\nDescription: An issue existed with installation through ITMS links.\r\nThis was addressed through additional installation verification.\r\nCVE-ID\r\nCVE-2015-5856 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\r\nFireEye, Inc.\r\n\r\nAudio\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Playing a malicious audio file may lead to an unexpected\r\napplication termination\r\nDescription: A memory corruption issue existed in the handling of\r\naudio files. This issue issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\r\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT204132.\r\n\r\nCFNetwork\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device may read\r\ncache data from Apple apps\r\nDescription: Cache data was encrypted with a key protected only by\r\nthe hardware UID. This issue was addressed by encrypting the cache\r\ndata with a key protected by the hardware UID and the user's\r\npasscode.\r\nCVE-ID\r\nCVE-2015-5898 : Andreas Kurtz of NESO Security Labs\r\n\r\nCFNetwork Cookies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position can track a\r\nuser's activity\r\nDescription: A cross-domain cookie issue existed in the handling of\r\ntop level domains. The issue was address through improved\r\nrestrictions of cookie creation.\r\nCVE-ID\r\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork Cookies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to create unintended cookies for a\r\nwebsite\r\nDescription: WebKit would accept multiple cookies to be set in the\r\ndocument.cookie API. This issue was addressed through improved\r\nparsing.\r\nCVE-ID\r\nCVE-2015-3801 : Erling Ellingsen of Facebook\r\n\r\nCFNetwork FTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Malicious FTP servers may be able to cause the client to\r\nperform reconnaissance on other hosts\r\nDescription: An issue existed in FTP packet handling if clients were\r\nusing an FTP proxy.\r\nCVE-ID\r\nCVE-2015-5912 : Amit Klein\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A maliciously crafted URL may be able to bypass HTTP Strict\r\nTransport Security (HSTS) and leak sensitive data\r\nDescription: A URL parsing vulnerability existed in HSTS handling.\r\nThis issue was addressed through improved URL parsing.\r\nCVE-ID\r\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may be able to track users in Safari\r\nprivate browsing mode\r\nDescription: An issue existed in the handling of HSTS state in\r\nSafari private browsing mode. This issue was addressed through\r\nimproved state handling.\r\nCVE-ID\r\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\r\n\r\nCFNetwork Proxies\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Connecting to a malicious web proxy may set malicious\r\ncookies for a website\r\nDescription: An issue existed in the handling of proxy connect\r\nresponses. This issue was addressed by removing the set-cookie header\r\nwhile parsing the connect response.\r\nCVE-ID\r\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\r\nUniversity\r\n\r\nCFNetwork SSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may intercept\r\nSSL/TLS connections\r\nDescription: A certificate validation issue existed in NSURL when a\r\ncertificate changed. This issue was addressed through improved\r\ncertificate validation.\r\nCVE-ID\r\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\r\n\r\nCFNetwork SSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of RC4.\r\nAn attacker could force the use of RC4, even if the server preferred\r\nbetter ciphers, by blocking TLS 1.0 and higher connections until\r\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\r\naddressed by removing the fallback to SSL 3.0.\r\n\r\nCoreAnimation\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to leak sensitive user\r\ninformation\r\nDescription: Applications could access the screen framebuffer while\r\nthey were in the background. This issue was addressed with improved\r\naccess control on IOSurfaces.\r\nCVE-ID\r\nCVE-2015-5880 : Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin\r\nGao, Yingjiu Li of School of Information Systems Singapore Management\r\nUniversity, Feng Bao and Jianying Zhou of Cryptography and Security\r\nDepartment Institute for Infocomm Research\r\n\r\nCoreCrypto\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to determine a private key\r\nDescription: By observing many signing or decryption attempts, an\r\nattacker may have been able to determine the RSA private key. This\r\nissue was addressed using improved encryption algorithms.\r\n\r\nCoreText\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nData Detectors Engine\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted text file may lead to\r\narbitrary code execution\r\nDescription: Memory corruption issues existed in the processing of\r\ntext files. These issues were addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)\r\n\r\nDev Tools\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in dyld. This was\r\naddressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5876 : beist of grayhash\r\n\r\ndyld\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An application may be able to bypass code signing\r\nDescription: An issue existed with validation of the code signature\r\nof executables. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team\r\n\r\nDisk Images\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in DiskImages. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\r\n\r\nGame Center\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious Game Center application may be able to access a\r\nplayer's email address\r\nDescription: An issue existed in Game Center in the handling of a\r\nplayer's email. This issue was addressed through improved access\r\nrestrictions.\r\nCVE-ID\r\nCVE-2015-5855 : Nasser Alnasser\r\n\r\nICU\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in ICU\r\nDescription: Multiple vulnerabilities existed in ICU versions prior\r\nto 53.1.0. These issues were addressed by updating ICU to version\r\n55.1.\r\nCVE-ID\r\nCVE-2014-8146\r\nCVE-2015-1205\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed that led to the disclosure of kernel\r\nmemory content. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOAcceleratorFamily. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5848 : Filippo Bigarella\r\n\r\nIOHIDFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5867 : moony li of Trend Micro\r\n\r\nIOKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5844 : Filippo Bigarella\r\nCVE-2015-5845 : Filippo Bigarella\r\nCVE-2015-5846 : Filippo Bigarella\r\n\r\nIOMobileFrameBuffer\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOMobileFrameBuffer. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5843 : Filippo Bigarella\r\n\r\nIOStorageFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to read kernel memory\r\nDescription: A memory initialization issue existed in the kernel.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5863 : Ilja van Sprundel of IOActive\r\n\r\niTunes Store\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: AppleID credentials may persist in the keychain after sign\r\nout\r\nDescription: An issue existed in keychain deletion. This issue was\r\naddressed through improved account cleanup.\r\nCVE-ID\r\nCVE-2015-5832 : Kasif Dekel from Check Point Software Technologies\r\n\r\nJavaScriptCore\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Memory corruption issues existed in WebKit. These\r\nissues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5791 : Apple\r\nCVE-2015-5793 : Apple\r\nCVE-2015-5814 : Apple\r\nCVE-2015-5816 : Apple\r\nCVE-2015-5822 : Mark S. Miller of Google\r\nCVE-2015-5823 : Apple\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\r\nCVE-2015-5896 : Maxime Villard of m00nbsd\r\nCVE-2015-5903 : CESG\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may control the value of stack cookies\r\nDescription: Multiple weaknesses existed in the generation of user\r\nspace stack cookies. This was addressed through improved generation\r\nof stack cookies.\r\nCVE-ID\r\nCVE-2013-3951 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local process can modify other processes without\r\nentitlement checks\r\nDescription: An issue existed where root processes using the\r\nprocessor_set_tasks API were allowed to retrieve the task ports of\r\nother processes. This issue was addressed through added entitlement\r\nchecks.\r\nCVE-ID\r\nCVE-2015-5882 : Pedro Vilaca, working from original research by Ming-\r\nchieh Pan and Sung-ting Tsai; Jonathan Levin\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to launch denial of service attacks\r\non targeted TCP connections without knowing the correct sequence\r\nnumber\r\nDescription: An issue existed in xnu's validation of TCP packet\r\nheaders. This issues was addressed through improved TCP packet header\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5879 : Jonathan Looney\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a local LAN segment may disable IPv6 routing\r\nDescription: An insufficient validation issue existed in handling of\r\nIPv6 router advertisements that allowed an attacker to set the hop\r\nlimit to an arbitrary value. This issue was addressed by enforcing a\r\nminimum hop limit.\r\nCVE-ID\r\nCVE-2015-5869 : Dennis Spindel Ljungmark\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in XNU that led to the disclosure of\r\nkernel memory. This was addressed through improved initialization of\r\nkernel memory structures.\r\nCVE-ID\r\nCVE-2015-5842 : beist of grayhash\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: An issue existed in HFS drive mounting. This was\r\naddressed by additional validation checks.\r\nCVE-ID\r\nCVE-2015-5748 : Maxime Villard of m00nbsd\r\n\r\nlibc\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\r\nCorporation\r\n\r\nlibpthread\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\r\n\r\nMail\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker can send an email that appears to come from a\r\ncontact in the recipient's address book\r\nDescription: An issue existed in the handling of the sender's\r\naddress. This issue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-5857 : Emre Saglam of salesforce.com\r\n\r\nMultipeer Connectivity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local attacker may be able to observe unprotected\r\nmultipeer data\r\nDescription: An issue existed in convenience initializer handling in\r\nwhich encryption could be actively downgraded to a non-encrypted\r\nsession. This issue was addressed by changing the convenience\r\ninitializer to require encryption.\r\nCVE-ID\r\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\r\n\r\nNetworkExtension\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An uninitialized memory issue in the kernel led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nmemory initialization.\r\nCVE-ID\r\nCVE-2015-5831 : Maxime Villard of m00nbsd\r\n\r\nOpenSSL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL versions\r\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\r\n0.9.8zg.\r\nCVE-ID\r\nCVE-2015-0286\r\nCVE-2015-0287\r\n\r\nPluginKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious enterprise application can install extensions\r\nbefore the application has been trusted\r\nDescription: An issue existed in the validation of extensions during\r\ninstallation. This was addressed through improved app verification.\r\nCVE-ID\r\nCVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\r\nFireEye, Inc.\r\n\r\nremovefile\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing malicious data may lead to unexpected application\r\ntermination\r\nDescription: An overflow fault existed in the checkint division\r\nroutines. This issue was addressed with improved division routines.\r\nCVE-ID\r\nCVE-2015-5840 : an anonymous researcher\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local user may be able to read Safari bookmarks on a\r\nlocked iOS device without a passcode\r\nDescription: Safari bookmark data was encrypted with a key protected\r\nonly by the hardware UID. This issue was addressed by encrypting the\r\nSafari bookmark data with a key protected by the hardware UID and the\r\nuser's passcode.\r\nCVE-ID\r\nCVE-2015-5903 : Jonathan Zdziarski\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: An issue may have allowed a website to display content\r\nwith a URL from a different website. This issue was addressed through\r\nimproved URL handling.\r\nCVE-ID\r\nCVE-2015-5904 : Erling Ellingsen of Facebook, Lukasz Pilorz\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Navigating to a malicious website with a malformed\r\nwindow opener may have allowed the display of arbitrary URLs. This\r\nissue was addressed through improved handling of window openers.\r\nCVE-ID\r\nCVE-2015-5905 : Keita Haga of keitahaga.com\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Users may be tracked by malicious websites using client\r\ncertificates\r\nDescription: An issue existed in Safari's client certificate\r\nmatching for SSL authentication. This issue was addressed through\r\nimproved matching of valid client certificates.\r\nCVE-ID\r\nCVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut\r\nof Whatever s.a.\r\n\r\nSafari\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to user interface\r\nspoofing\r\nDescription: Multiple user interface inconsistencies may have\r\nallowed a malicious website to display an arbitrary URL. These issues\r\nwere addressed through improved URL display logic.\r\nCVE-ID\r\nCVE-2015-5764 : Antonio Sanso (@asanso) of Adobe\r\nCVE-2015-5765 : Ron Masas\r\nCVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa\r\n\r\nSafari Safe Browsing\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Navigating to the IP address of a known malicious website\r\nmay not trigger a security warning\r\nDescription: Safari's Safe Browsing feature did not warn users when\r\nvisiting known malicious websites by their IP addresses. The issue\r\nwas addressed through improved malicious site detection.\r\nRahul M of TagsDoc\r\n\r\nSecurity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious app may be able to intercept communication\r\nbetween apps\r\nDescription: An issue existed that allowed a malicious app to\r\nintercept URL scheme communication between apps. This was mitigated\r\nby displaying a dialog when a URL scheme is used for the first time.\r\nCVE-ID\r\nCVE-2015-5835 : Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng\r\nWang of Indiana University, Luyi Xing of Indiana University, Tongxin\r\nLi of Peking University, Tongxin Li of Peking University, Xiaolong\r\nBai of Tsinghua University\r\n\r\nSiri\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device may be able\r\nto use Siri to read notifications of content that is set not to be\r\ndisplayed at the lock screen\r\nDescription: When a request was made to Siri, client side\r\nrestrictions were not being checked by the server. This issue was\r\naddressed through improved restriction checking.\r\nCVE-ID\r\nCVE-2015-5892 : Robert S Mozayeni, Joshua Donvito\r\n\r\nSpringBoard\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to an iOS device can reply to\r\nan audio message from the lock screen when message previews from the\r\nlock screen are disabled\r\nDescription: A lock screen issue allowed users to reply to audio\r\nmessages when message previews were disabled. This issue was\r\naddressed through improved state management.\r\nCVE-ID\r\nCVE-2015-5861 : Daniel Miedema of Meridian Apps\r\n\r\nSpringBoard\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to spoof another\r\napplication's dialog windows\r\nDescription: An access issue existed with privileged API calls. This\r\nissue was addressed through additional restrictions.\r\nCVE-ID\r\nCVE-2015-5838 : Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S.\r\nLui\r\n\r\nSQLite\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Multiple vulnerabilities in SQLite v3.8.5\r\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5.\r\nThese issues were addressed by updating SQLite to version 3.8.10.2.\r\nCVE-ID\r\nCVE-2015-5895\r\n\r\ntidy\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in Tidy. This issues\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\r\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Object references may be leaked between isolated origins on\r\ncustom events, message events and pop state events\r\nDescription: An object leak issue broke the isolation boundary\r\nbetween origins. This issue was addressed through improved isolation\r\nbetween origins.\r\nCVE-ID\r\nCVE-2015-5827 : Gildas\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Memory corruption issues existed in WebKit. These\r\nissues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5789 : Apple\r\nCVE-2015-5790 : Apple\r\nCVE-2015-5792 : Apple\r\nCVE-2015-5794 : Apple\r\nCVE-2015-5795 : Apple\r\nCVE-2015-5796 : Apple\r\nCVE-2015-5797 : Apple\r\nCVE-2015-5799 : Apple\r\nCVE-2015-5800 : Apple\r\nCVE-2015-5801 : Apple\r\nCVE-2015-5802 : Apple\r\nCVE-2015-5803 : Apple\r\nCVE-2015-5804 : Apple\r\nCVE-2015-5805\r\nCVE-2015-5806 : Apple\r\nCVE-2015-5807 : Apple\r\nCVE-2015-5809 : Apple\r\nCVE-2015-5810 : Apple\r\nCVE-2015-5811 : Apple\r\nCVE-2015-5812 : Apple\r\nCVE-2015-5813 : Apple\r\nCVE-2015-5817 : Apple\r\nCVE-2015-5818 : Apple\r\nCVE-2015-5819 : Apple\r\nCVE-2015-5821 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to unintended dialing\r\nDescription: An issue existed in handling of tel://, facetime://,\r\nand facetime-audio:// URLs. This issue was addressed through improved\r\nURL handling.\r\nCVE-ID\r\nCVE-2015-5820 : Andrei Neculaesei, Guillaume Ross\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: QuickType may learn the last character of a password in a\r\nfilled-in web form\r\nDescription: An issue existed in WebKit's handling of password input\r\ncontext. This issue was addressed through improved input context\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5906 : Louis Romero of Google Inc.\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nredirect to a malicious domain\r\nDescription: An issue existed in the handling of resource caches on\r\nsites with invalid certificates. The issue was addressed by rejecting\r\nthe application cache of domains with invalid certificates.\r\nCVE-ID\r\nCVE-2015-5907 : Yaoqi Jia of National University of Singapore (NUS)\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious website may exfiltrate data cross-origin\r\nDescription: Safari allowed cross-origin stylesheets to be loaded\r\nwith non-CSS MIME types which could be used for cross-origin data\r\nexfiltration. This issue was addressed by limiting MIME types for\r\ncross-origin stylesheets.\r\nCVE-ID\r\nCVE-2015-5826 : filedescriptor, Chris Evans\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: The Performance API may allow a malicious website to leak\r\nbrowsing history, network activity, and mouse movements\r\nDescription: WebKit's Performance API could have allowed a malicious\r\nwebsite to leak browsing history, network activity, and mouse\r\nmovements by measuring time. This issue was addressed by limiting\r\ntime resolution.\r\nCVE-ID\r\nCVE-2015-5825 : Yossi Oren et al. of Columbia University's Network\r\nSecurity Lab\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker in a privileged network position may be able to\r\nleak sensitive user information\r\nDescription: An issue existed with Content-Disposition headers\r\ncontaining type attachment. This issue was addressed by disallowing\r\nsome functionality for type attachment pages.\r\nCVE-ID\r\nCVE-2015-5921 : Mickey Shkatov of the Intel(r) Advanced Threat\r\nResearch Team, Daoyuan Wu of Singapore Management University, Rocky\r\nK. C. Chang of Hong Kong Polytechnic University, Lukasz Pilorz,\r\nsuperhei of www.knownsec.com\r\n\r\nWebKit Canvas\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may disclose image data from\r\nanother website\r\nDescription: A cross-origin issue existed with "canvas" element\r\nimages in WebKit. This was addressed through improved tracking of\r\nsecurity origins.\r\nCVE-ID\r\nCVE-2015-5788 : Apple\r\n\r\nWebKit Page Loading\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: WebSockets may bypass mixed content policy enforcement\r\nDescription: An insufficient policy enforcement issue allowed\r\nWebSockets to load mixed content. This issue was addressed by\r\nextending mixed content policy enforcement to WebSockets.\r\nKevin G Jones of Higher Logic\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "9".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-05T00:00:00", "title": "APPLE-SA-2015-09-16-1 iOS 9", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-5880", "CVE-2015-5838", "CVE-2015-5903", "CVE-2015-5861", "CVE-2015-5825", "CVE-2015-5748", "CVE-2015-5847", "CVE-2015-5892", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-5796", "CVE-2015-5829", "CVE-2015-1205", "CVE-2015-5874", "CVE-2015-5860", "CVE-2015-5812", "CVE-2015-5788", "CVE-2015-5895", "CVE-2015-5843", "CVE-2015-5845", "CVE-2015-5905", "CVE-2015-5868", "CVE-2015-5805", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-5846", "CVE-2015-5807", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-5801", "CVE-2015-5912", "CVE-2015-5921", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-5791", "CVE-2015-5841", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5831", "CVE-2015-5855", "CVE-2015-5916", "CVE-2014-8611", "CVE-2015-5789", "CVE-2015-5765", "CVE-2015-5813", "CVE-2015-1129", "CVE-2015-5824", "CVE-2015-5856", "CVE-2015-5764", "CVE-2015-5821", "CVE-2015-5867", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-5848", "CVE-2015-5826", "CVE-2014-8146", "CVE-2015-5835", "CVE-2015-5523", "CVE-2015-5820", "CVE-2015-5844", "CVE-2015-5904", "CVE-2015-5885", "CVE-2015-3801", "CVE-2015-5837", "CVE-2013-3951", "CVE-2015-5906", "CVE-2015-5810", "CVE-2015-5898", "CVE-2015-5850", "CVE-2015-0287", "CVE-2015-5823", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5896", "CVE-2015-5863", "CVE-2015-5907", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5857", "CVE-2015-5834", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899", "CVE-2015-5832", "CVE-2015-5767"], "modified": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32514", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32514", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:51:20", "description": "Protection bypass, use-after-free, memory corruptions, integer overflow.", "edition": 2, "cvss3": {}, "published": "2014-06-09T00:00:00", "title": "Google Chrome / Chromium multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-1747", "CVE-2014-1735", "CVE-2014-1742", "CVE-2014-3152", "CVE-2014-1734", "CVE-2014-1733", "CVE-2014-1732", "CVE-2014-1744", "CVE-2014-1736", "CVE-2014-1743", "CVE-2014-1731", "CVE-2014-1740", "CVE-2014-1746", "CVE-2014-1749", "CVE-2014-1745", "CVE-2014-1730", "CVE-2014-1748", "CVE-2014-1741"], "modified": "2014-06-09T00:00:00", "id": "SECURITYVULNS:VULN:13748", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13748", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2021-06-08T18:47:16", "description": "Screen unlock, information disclosure, restrictions bypass, multiple memory corruptions, weak encryption, multiple vulnerabilities in different libraries.", "edition": 2, "cvss3": {}, "published": "2015-10-25T00:00:00", "title": "Apple iOS multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-5880", "CVE-2015-5930", "CVE-2015-5838", "CVE-2015-5903", "CVE-2015-7022", "CVE-2015-6976", "CVE-2015-5861", "CVE-2015-5825", "CVE-2015-5927", "CVE-2015-5748", "CVE-2015-5847", "CVE-2015-7005", "CVE-2015-6975", "CVE-2015-7004", "CVE-2015-7002", "CVE-2015-5892", "CVE-2015-6982", "CVE-2015-5869", "CVE-2015-5879", "CVE-2015-5876", "CVE-2015-5858", "CVE-2015-5924", "CVE-2015-5862", "CVE-2015-0286", "CVE-2015-6979", "CVE-2015-6983", "CVE-2015-5796", "CVE-2015-5829", "CVE-2015-1205", "CVE-2015-5939", "CVE-2015-5874", "CVE-2015-6991", "CVE-2015-5860", "CVE-2015-5812", "CVE-2015-7014", "CVE-2015-6994", "CVE-2015-5788", "CVE-2015-6992", "CVE-2015-5895", "CVE-2015-5843", "CVE-2015-6977", "CVE-2015-5845", "CVE-2015-5905", "CVE-2015-5868", "CVE-2015-5805", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5816", "CVE-2015-5794", "CVE-2015-5940", "CVE-2015-5846", "CVE-2015-5807", "CVE-2015-5882", "CVE-2015-5842", "CVE-2015-6997", "CVE-2015-5801", "CVE-2015-6995", "CVE-2015-6978", "CVE-2015-7018", "CVE-2015-5912", "CVE-2015-5921", "CVE-2015-5935", "CVE-2015-5818", "CVE-2015-5803", "CVE-2015-6986", "CVE-2015-7010", "CVE-2015-5802", "CVE-2015-5792", "CVE-2015-7008", "CVE-2015-5791", "CVE-2015-5841", "CVE-2015-5793", "CVE-2015-5795", "CVE-2015-5929", "CVE-2015-5831", "CVE-2015-5937", "CVE-2015-5855", "CVE-2015-5916", "CVE-2015-7023", "CVE-2014-8611", "CVE-2015-5789", "CVE-2015-6993", "CVE-2015-5765", "CVE-2015-7000", "CVE-2015-5813", "CVE-2015-1129", "CVE-2015-5824", "CVE-2015-5856", "CVE-2015-5764", "CVE-2015-5821", "CVE-2015-5936", "CVE-2015-5867", "CVE-2015-6989", "CVE-2015-5923", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-6981", "CVE-2015-5819", "CVE-2015-5800", "CVE-2015-5827", "CVE-2015-6999", "CVE-2015-5848", "CVE-2015-5826", "CVE-2014-8146", "CVE-2015-5835", "CVE-2015-6990", "CVE-2015-7009", "CVE-2015-6988", "CVE-2015-5523", "CVE-2015-5820", "CVE-2015-5844", "CVE-2015-5904", "CVE-2015-5885", "CVE-2015-6996", "CVE-2015-3801", "CVE-2015-5837", "CVE-2013-3951", "CVE-2015-7012", "CVE-2015-5906", "CVE-2015-5810", "CVE-2015-5898", "CVE-2015-5925", "CVE-2015-5850", "CVE-2015-0287", "CVE-2015-6974", "CVE-2015-5823", "CVE-2015-5928", "CVE-2015-5822", "CVE-2015-5797", "CVE-2015-5896", "CVE-2015-5863", "CVE-2015-5907", "CVE-2015-5806", "CVE-2015-5809", "CVE-2015-5799", "CVE-2015-5857", "CVE-2015-5834", "CVE-2015-5790", "CVE-2015-5804", "CVE-2015-5814", "CVE-2015-7006", "CVE-2015-7017", "CVE-2015-5817", "CVE-2015-5811", "CVE-2015-5926", "CVE-2015-5522", "CVE-2015-5851", "CVE-2015-5899", "CVE-2015-5832", "CVE-2015-5767"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14696", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14696", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:02", "description": "\r\n\r\nAPPLE-SA-2015-10-21-1 iOS 9.1\r\n\r\niOS 9.1 is now available and addresses the following:\r\n\r\nAccelerate Framework\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in the Accelerate\r\nFramework in multi-threading mode. This issue was addressed through\r\nimproved accessor element validation and improved object locking.\r\nCVE-ID\r\nCVE-2015-5940 : Apple\r\n\r\nBom\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Unpacking a maliciously crafted archive may lead to\r\narbitrary code execution\r\nDescription: A file traversal vulnerability existed in the handling\r\nof CPIO archives. This issue was addressed through improved\r\nvalidation of metadata.\r\nCVE-ID\r\nCVE-2015-7006 : Mark Dowd at Azimuth Security\r\n\r\nCFNetwork\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to cookies\r\nbeing overwritten\r\nDescription: A parsing issue existed when handling cookies with\r\ndifferent letter casing. This issue was addressed through improved\r\nparsing.\r\nCVE-ID\r\nCVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of\r\nTsinghua University, Jian Jiang of University of California,\r\nBerkeley, Haixin Duan of Tsinghua University and International\r\nComputer Science Institute, Shuo Chen of Microsoft Research Redmond,\r\nTao Wan of Huawei Canada, Nicholas Weaver of International Computer\r\nScience Institute and University of California, Berkeley, coordinated\r\nvia CERT/CC\r\n\r\nconfigd\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to elevate privileges\r\nDescription: A heap based buffer overflow issue existed in the DNS\r\nclient library. A malicious application with the ability to spoof\r\nresponses from the local configd service may have been able to cause\r\narbitrary code execution in DNS clients.\r\nCVE-ID\r\nCVE-2015-7015 : PanguTeam\r\n\r\nCoreGraphics\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in\r\nCoreGraphics. These issues were addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5925 : Apple\r\nCVE-2015-5926 : Apple\r\n\r\nCoreText\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nDisk Images\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in the parsing of\r\ndisk images. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-6995 : Ian Beer of Google Project Zero\r\n\r\nFontParser\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of font files. These issues were addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-5927 : Apple\r\nCVE-2015-5942\r\nCVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero\r\nDay Initiative\r\nCVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team\r\nCVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team\r\n\r\nGasGauge\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with kernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-6979 : PanguTeam\r\n\r\nGrand Central Dispatch\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Processing a maliciously crafted package may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed when handling\r\ndispatch calls. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-6989 : Apple\r\n\r\nGraphics Driver\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Executing a malicious application may result in arbitrary\r\ncode execution within the kernel\r\nDescription: A type confusion issue existed in AppleVXD393. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-6986 : Proteas of Qihoo 360 Nirvan Team\r\n\r\nImageIO\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted image file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nparsing of image metadata. These issues was addressed through\r\nimproved metadata validation.\r\nCVE-ID\r\nCVE-2015-5935 : Apple\r\nCVE-2015-5936 : Apple\r\nCVE-2015-5937 : Apple\r\nCVE-2015-5939 : Apple\r\n\r\nIOAcceleratorFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in\r\nIOAcceleratorFamily. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-6996 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with kernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-6974 : Luca Todesco (@qwertyoruiop)\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local application may be able to cause a denial of service\r\nDescription: An input validation issue existed in the kernel. This\r\nissue was addressed through improved input validation.\r\nCVE-ID\r\nCVE-2015-7004 : Sergi Alvarez (pancake) of NowSecure Research Team\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may be able\r\nto execute arbitrary code\r\nDescription: An uninitialized memory issue existed in the kernel.\r\nThis issue was addressed through improved memory initialization.\r\nCVE-ID\r\nCVE-2015-6988 : The Brainy Code Scanner (m00nbsd)\r\n\r\nKernel\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A local application may be able to cause a denial of service\r\nDescription: An issue existed when reusing virtual memory. This\r\nissue was addressed through improved validation.\r\nCVE-ID\r\nCVE-2015-6994 : Mark Mentovai of Google Inc.\r\n\r\nNotification Center\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Phone and Messages notifications may appear on the lock\r\nscreen even when disabled\r\nDescription: When "Show on Lock Screen" was turned off for Phone or\r\nMessages, configuration changes were not immediately applied. This\r\nissue was addressed through improved state management.\r\nCVE-ID\r\nCVE-2015-7000 : William Redwood of Hampton School\r\n\r\nOpenGL\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in OpenGL. This issue\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5924 : Apple\r\n\r\nSecurity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to overwrite arbitrary\r\nfiles\r\nDescription: A double free issue existed in the handling of\r\nAtomicBufferedFile descriptors. This issue was addressed through\r\nimproved validation of AtomicBufferedFile descriptors.\r\nCVE-ID\r\nCVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey\r\nUlanov from the Chrome Team\r\n\r\nSecurity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to make a revoked certificate appear\r\nvalid\r\nDescription: A validation issue existed in the OCSP client. This\r\nissue was addressed by checking the OCSP certificate's expiration\r\ntime.\r\nCVE-ID\r\nCVE-2015-6999 : Apple\r\n\r\nSecurity\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A trust evaluation configured to require revocation checking\r\nmay succeed even if revocation checking fails\r\nDescription: The kSecRevocationRequirePositiveResponse flag was\r\nspecified but not implemented. This issue was addressed by\r\nimplementing the flag.\r\nCVE-ID\r\nCVE-2015-6997 : Apple\r\n\r\nTelephony\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious application may be able to leak sensitive user\r\ninformation\r\nDescription: An issue existed in the authorization checks for\r\nquerying phone call status. This issue was addressed through\r\nadditional authorization state queries.\r\nCVE-ID\r\nCVE-2015-7022 : Andreas Kurtz of NESO Security Labs\r\n\r\nWebKit\r\nAvailable for: iPhone 4s and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5928 : Apple\r\nCVE-2015-5929 : Apple\r\nCVE-2015-5930 : Apple\r\nCVE-2015-6981\r\nCVE-2015-6982\r\nCVE-2015-7002 : Apple\r\nCVE-2015-7005 : Apple\r\nCVE-2015-7012 : Apple\r\nCVE-2015-7014\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "9.1".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-10-25T00:00:00", "title": "APPLE-SA-2015-10-21-1 iOS 9.1", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-5930", "CVE-2015-7022", "CVE-2015-6976", "CVE-2015-5927", "CVE-2015-7005", "CVE-2015-6975", "CVE-2015-7004", "CVE-2015-7002", "CVE-2015-6982", "CVE-2015-5924", "CVE-2015-6979", "CVE-2015-6983", "CVE-2015-5939", "CVE-2015-6991", "CVE-2015-7014", "CVE-2015-6994", "CVE-2015-6992", "CVE-2015-6977", "CVE-2015-5940", "CVE-2015-6997", "CVE-2015-6995", "CVE-2015-6978", "CVE-2015-7018", "CVE-2015-5935", "CVE-2015-6986", "CVE-2015-7010", "CVE-2015-7008", "CVE-2015-5929", "CVE-2015-5937", "CVE-2015-7023", "CVE-2015-6993", "CVE-2015-7000", "CVE-2015-5936", "CVE-2015-6989", "CVE-2015-5942", "CVE-2015-7015", "CVE-2015-6981", "CVE-2015-6999", "CVE-2015-6990", "CVE-2015-7009", "CVE-2015-6988", "CVE-2015-6996", "CVE-2015-7012", "CVE-2015-5925", "CVE-2015-6974", "CVE-2015-5928", "CVE-2015-7006", "CVE-2015-7017", "CVE-2015-5926"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:DOC:32563", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32563", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2022-03-23T13:11:07", "description": "WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.", "cvss3": {}, "published": "2015-10-23T21:59:00", "type": "cve", "title": "CVE-2015-5928", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5928"], "modified": "2016-12-24T02:59:00", "cpe": ["cpe:/a:apple:itunes:12.3.0", "cpe:/a:apple:safari:9.0", "cpe:/o:apple:iphone_os:9.0.2"], "id": "CVE-2015-5928", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5928", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:itunes:12.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:07:08", "description": "The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.", "cvss3": {}, "published": "2015-09-18T10:59:00", "type": "cve", "title": "CVE-2015-5788", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5788"], "modified": "2016-12-22T03:00:00", "cpe": ["cpe:/o:apple:iphone_os:8.4.1", "cpe:/a:apple:safari:8.0.8"], "id": "CVE-2015-5788", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5788", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:8.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.8:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:31:28", "description": "WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.", "cvss3": {}, "published": "2015-07-03T02:00:00", "type": "cve", "title": "CVE-2015-3727", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3727"], "modified": "2016-12-28T02:59:00", "cpe": ["cpe:/a:apple:safari:7.1.4", "cpe:/a:apple:safari:7.1.6", "cpe:/a:apple:safari:7.0.2", "cpe:/o:apple:mac_os_x:10.10.3", "cpe:/a:apple:safari:7.1.3", "cpe:/o:apple:iphone_os:8.3", "cpe:/a:apple:safari:7.1.0", "cpe:/a:apple:safari:7.1.5", "cpe:/a:apple:safari:6.2.6", "cpe:/a:apple:safari:8.0.1", "cpe:/a:apple:safari:7.1.1", "cpe:/a:apple:safari:7.0", "cpe:/a:apple:safari:8.0.6", "cpe:/a:apple:safari:7.0.3", "cpe:/a:apple:safari:8.0.5", "cpe:/a:apple:safari:8.0.4", "cpe:/a:apple:safari:8.0", "cpe:/a:apple:safari:7.0.4", "cpe:/a:apple:safari:8.0.2", "cpe:/a:apple:safari:8.0.3", "cpe:/a:apple:safari:7.0.6", "cpe:/a:apple:safari:7.0.5", "cpe:/a:apple:safari:7.0.1", "cpe:/a:apple:safari:7.1.2"], "id": "CVE-2015-3727", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3727", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:08:25", "description": "WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.", "cvss3": {}, "published": "2015-09-18T10:59:00", "type": "cve", "title": "CVE-2015-5822", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5822"], "modified": "2016-12-22T03:00:00", "cpe": ["cpe:/a:apple:itunes:12.2", "cpe:/a:apple:safari:8.0.8", "cpe:/o:apple:iphone_os:8.4.1"], "id": "CVE-2015-5822", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5822", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:itunes:12.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:8.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.8:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:31:38", "description": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.", "cvss3": {}, "published": "2015-08-16T23:59:00", "type": "cve", "title": "CVE-2015-3741", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3741"], "modified": "2019-02-08T18:08:00", "cpe": ["cpe:/a:apple:itunes:12.2", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "CVE-2015-3741", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3741", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:itunes:12.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T12:31:41", "description": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.", "cvss3": {}, "published": "2015-08-16T23:59:00", "type": "cve", "title": "CVE-2015-3745", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3745"], "modified": "2019-02-08T18:17:00", "cpe": ["cpe:/a:apple:itunes:12.2", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "CVE-2015-3745", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3745", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:itunes:12.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T13:07:16", "description": "WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.", "cvss3": {}, "published": "2015-09-18T10:59:00", "type": "cve", "title": "CVE-2015-5794", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5794"], "modified": "2016-12-22T03:00:00", "cpe": ["cpe:/a:apple:itunes:12.2", "cpe:/o:apple:iphone_os:8.4.1", "cpe:/a:apple:safari:8.0.8"], "id": "CVE-2015-5794", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5794", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:itunes:12.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:8.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:8.0.8:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:07:33", "description": "WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.", "cvss3": {}, "published": "2015-09-18T10:59:00", "type": "cve", "title": "CVE-2015-5801", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5801"], "modified": "20

[SECURITY] Fedora 24 Update: webkitgtk3-2.4.10-1.fc24

Description

Affected Package

Related