Lucene search
Ubuntu.comUB:CVE-2015-3754HistoryAug 16, 2015 - 12:00 a.m.
CVE-2015-3754
2015-08-1600:00:00
ubuntu.com
ubuntu.com
8
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
60.7%
The private-browsing implementation in WebKit in Apple Safari before 6.2.8,
7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP
authentication credentials, which makes it easier for remote attackers to
track users via a crafted web site.
Notes
| Author | Note |
|---|---|
| jdstrand | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8 |
Related
prion
prion
Authentication flaw
2015-08-16 23:59:00
cve
cve
CVE-2015-3754
2015-08-16 23:59:00
securityvulns
securityvulns
Apple Safari / Webkit multiple security vulnerabilities
2015-08-17 00:00:00
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
2015-08-17 00:00:00
nessus
nessus
Safari < 6.2.8 / 7.1.8 / 8.0.8 Multiple Vulnerabilities
2015-10-01 00:00:00
Mac OS X : Apple Safari < 6.2.8 / 7.1.8 / 8.0.8 Multiple Vulnerabilities
2015-08-17 00:00:00
openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)
2016-03-16 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities-01 (Sep 2015) - Mac OS X
2015-09-01 00:00:00
Mageia: Security Advisory (MGASA-2016-0116)
2016-03-31 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: webkitgtk4-2.10.4-1.fc22
2016-02-01 06:38:54
mageia
mageia
Updated webkit2 packages fix security vulnerability
2016-03-25 09:38:37
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
60.7%
Related for UB:CVE-2015-3754