Lucene search

[email protected]NVD:CVE-2015-1155

HistoryMay 08, 2015 - 12:59 a.m.

CVE-2015-1155

2015-05-0800:59:03

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.009

Percentile

82.5%

JSON

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.

Affected configurations

Nvd

Node

appleiphone_osRange≤8.3

Node

applesafariRange≤6.2.5

applesafariMatch7.0

applesafariMatch7.0.1

applesafariMatch7.0.2

applesafariMatch7.0.3

applesafariMatch7.0.4

applesafariMatch7.0.5

applesafariMatch7.0.6

applesafariMatch7.1.0

applesafariMatch7.1.1

applesafariMatch7.1.2

applesafariMatch7.1.3

applesafariMatch7.1.4

applesafariMatch7.1.5

applesafariMatch8.0.0

applesafariMatch8.0.1

applesafariMatch8.0.2

applesafariMatch8.0.3

applesafariMatch8.0.4

applesafariMatch8.0.5

VendorProductVersionCPE
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
applesafari7.0cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*
applesafari7.0.1cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*
applesafari7.0.2cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*
applesafari7.0.3cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*
applesafari7.0.4cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*
applesafari7.0.5cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*
applesafari7.0.6cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*
applesafari7.1.0cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::
apple	safari	*	cpe:2.3:a:apple:safari::::::::
apple	safari	7.0	cpe:2.3:a:apple:safari:7.0:::::::*
apple	safari	7.0.1	cpe:2.3:a:apple:safari:7.0.1:::::::*
apple	safari	7.0.2	cpe:2.3:a:apple:safari:7.0.2:::::::*
apple	safari	7.0.3	cpe:2.3:a:apple:safari:7.0.3:::::::*
apple	safari	7.0.4	cpe:2.3:a:apple:safari:7.0.4:::::::*
apple	safari	7.0.5	cpe:2.3:a:apple:safari:7.0.5:::::::*
apple	safari	7.0.6	cpe:2.3:a:apple:safari:7.0.6:::::::*
apple	safari	7.1.0	cpe:2.3:a:apple:safari:7.1.0:::::::*