Lucene search
Ubuntu.comUB:CVE-2015-3660HistoryJul 03, 2015 - 12:00 a.m.
CVE-2015-3660
2015-07-0300:00:00
ubuntu.com
ubuntu.com
11
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
64.8%
Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit
in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows
remote attackers to inject arbitrary web script or HTML via a crafted URL
in embedded PDF content.
Notes
| Author | Note |
|---|---|
| jdstrand | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8 |
Related
prion
prion
Cross site scripting
2015-07-03 01:59:00
cve
cve
CVE-2015-3660
2015-07-03 01:59:00
nessus
nessus
Safari < 6.2.7 / 7.1.7 / 8.0.7 Multiple Vulnerabilities
2015-10-01 00:00:00
Mac OS X : Apple Safari < 6.2.7 / 7.1.7 / 8.0.7 Multiple Vulnerabilities
2015-07-01 00:00:00
openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)
2016-03-16 00:00:00
securityvulns
securityvulns
APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7
2015-07-05 00:00:00
Apple Safari / Webkit multiple security vulnerabilities
2015-07-05 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities-01 (Jul 2015) - Mac OS X
2015-07-08 00:00:00
Mageia: Security Advisory (MGASA-2016-0116)
2016-03-31 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: webkitgtk4-2.10.4-1.fc22
2016-02-01 06:38:54
mageia
mageia
Updated webkit2 packages fix security vulnerability
2016-03-25 09:38:37
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
64.8%
Related for UB:CVE-2015-3660