Lucene search

PRIOn knowledge basePRION:CVE-2015-3751

HistoryAug 16, 2015 - 11:59 p.m.

Design/Logic Flaw

2015-08-1623:59:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.6%

JSON

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.

CPENameOperatorVersion
iphone_oslt8.4.1
safarige6.0
safarilt6.2.8
safarige7.0
safarilt7.1.8
safarige8.0
safarilt8.0.8

Name	Operator	Version
iphone_os	lt	8.4.1
safari	ge	6.0
safari	lt	6.2.8
safari	ge	7.0
safari	lt	7.1.8
safari	ge	8.0
safari	lt	8.0.8

References

lists.apple.com/archives/security-announce/2015/Aug/msg00000.html

lists.apple.com/archives/security-announce/2015/Aug/msg00002.html

lists.opensuse.org/opensuse-updates/2016-03/msg00054.html

www.securityfocus.com/bid/76341

www.securitytracker.com/id/1033274

support.apple.com/kb/HT205030

support.apple.com/kb/HT205033

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.6%

JSON

Related for PRION:CVE-2015-3751