CVE-2015-1122

2015-04-1000:00:00

ubuntu.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.3%

JSON

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple
Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote
attackers to execute arbitrary code or cause a denial of service (memory
corruption and application crash) via a crafted web site, a different
vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1,
APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.

Notes

Author	Note
jdstrand	webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchwebkitgtk< 2.4.10-0ubuntu0.14.04.1UNKNOWN
ubuntu15.10noarchwebkitgtk< 2.4.10-0ubuntu0.15.10.1UNKNOWN
ubuntu16.04noarchwebkitgtk< 2.4.10-0ubuntu1UNKNOWN
ubuntu16.10noarchwebkitgtk< 2.4.10-0ubuntu1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	14.04	noarch	webkitgtk	< 2.4.10-0ubuntu0.14.04.1	UNKNOWN
ubuntu	15.10	noarch	webkitgtk	< 2.4.10-0ubuntu0.15.10.1	UNKNOWN
ubuntu	16.04	noarch	webkitgtk	< 2.4.10-0ubuntu1	UNKNOWN
ubuntu	16.10	noarch	webkitgtk	< 2.4.10-0ubuntu1	UNKNOWN