9 matches found
SUSE CVE-2015-1126
WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors...
CVE-2015-1126
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/applesafariftpurlcookietheft.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:36+00:00|...
Mageia: Security Advisory (MGASA-2016-0116)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Safari URL Handling Cross-Origin Security Bypass (CVE-2015-1126)
A cross-origin security bypass vulnerability exists in Apple Safari. The vulnerability is due to improper decoding of URLs. A remote unauthenticated attacker could exploit this vulnerability by enticing a user into opening a specially crafted page...
Apple Safari Multiple Vulnerabilities -01 (Apr 2015) - Mac OS X
Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...
Apple Fixes Cookie Access Vulnerability in Safari on Billions of Devices
When Apple pushed out its most recent round of patches last week it fixed a cookie vulnerability that existed in all versions of Safari, including those that run on iOS, OS X, and Windows. According to researchers who dug it up, the number of affected devices may total one billion. The issue –...
CVE-2015-1126
WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors...
CVE-2015-1126
CVE-2015-1126 affects WebKit components used in Apple iOS prior to 8.3 and Apple Safari prior to 6.2.5, 7.x prior to 7.1.5, and 8.x prior to 8.0.5. The vulnerability arises from improper handling of the userinfo field in FTP URLs, enabling remote attackers to trigger incorrect resource access via...
Mac OS X : Apple Safari < 6.2.5 / 7.1.5 / 8.0.5 Multiple Vulnerabilities
The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.5 / 7.1.5 / 8.0.5. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the state management which can result in the user's browser history not being fully purged from 'history.plist'...