CVE-2015-1127

2015-04-1000:00:00

ubuntu.com

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

The private-browsing implementation in WebKit in Apple Safari before 6.2.5,
7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an
index, which might allow local users to obtain sensitive information by
reading index entries.

Notes

Author	Note
jdstrand	webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchwebkitgtk< 2.4.10-0ubuntu0.14.04.1UNKNOWN
ubuntu15.10noarchwebkitgtk< 2.4.10-0ubuntu0.15.10.1UNKNOWN
ubuntu16.04noarchwebkitgtk< 2.4.10-0ubuntu1UNKNOWN
ubuntu16.10noarchwebkitgtk< 2.4.10-0ubuntu1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	14.04	noarch	webkitgtk	< 2.4.10-0ubuntu0.14.04.1	UNKNOWN
ubuntu	15.10	noarch	webkitgtk	< 2.4.10-0ubuntu0.15.10.1	UNKNOWN
ubuntu	16.04	noarch	webkitgtk	< 2.4.10-0ubuntu1	UNKNOWN
ubuntu	16.10	noarch	webkitgtk	< 2.4.10-0ubuntu1	UNKNOWN