ID CVE-2015-1152
Summary WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.
References
Vulnerable Configurations
  • Apple iPhone OS 8.3
    cpe:2.3:o:apple:iphone_os:8.3
  • Apple iTunes 12.2
    cpe:2.3:a:apple:itunes:12.2
  • Apple Safari 6.2.5
    cpe:2.3:a:apple:safari:6.2.5
  • Apple Safari 7.0
    cpe:2.3:a:apple:safari:7.0
  • Apple Safari 7.0.1
    cpe:2.3:a:apple:safari:7.0.1
  • Apple Safari 7.0.2
    cpe:2.3:a:apple:safari:7.0.2
  • Apple Safari 7.0.3
    cpe:2.3:a:apple:safari:7.0.3
  • Apple Safari 7.0.4
    cpe:2.3:a:apple:safari:7.0.4
  • Apple Safari 7.0.5
    cpe:2.3:a:apple:safari:7.0.5
  • cpe:2.3:a:apple:safari:7.0.6
    cpe:2.3:a:apple:safari:7.0.6
  • cpe:2.3:a:apple:safari:7.1.0
    cpe:2.3:a:apple:safari:7.1.0
  • Apple Safari 7.1.1
    cpe:2.3:a:apple:safari:7.1.1
  • cpe:2.3:a:apple:safari:7.1.2
    cpe:2.3:a:apple:safari:7.1.2
  • cpe:2.3:a:apple:safari:7.1.3
    cpe:2.3:a:apple:safari:7.1.3
  • Apple Safari 7.1.4
    cpe:2.3:a:apple:safari:7.1.4
  • Apple Safari 7.1.5
    cpe:2.3:a:apple:safari:7.1.5
  • cpe:2.3:a:apple:safari:8.0.0
    cpe:2.3:a:apple:safari:8.0.0
  • Apple Safari 8.0.1
    cpe:2.3:a:apple:safari:8.0.1
  • cpe:2.3:a:apple:safari:8.0.2
    cpe:2.3:a:apple:safari:8.0.2
  • cpe:2.3:a:apple:safari:8.0.3
    cpe:2.3:a:apple:safari:8.0.3
  • Apple Safari 8.0.4
    cpe:2.3:a:apple:safari:8.0.4
  • Apple Safari 8.0.5
    cpe:2.3:a:apple:safari:8.0.5
CVSS
Base: 6.8 (as of 29-09-2015 - 13:45)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SAFARI8_0_6.NASL
    description The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.6 / 7.1.6 / 8.0.6. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues in WebKit due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to cause a denial of service condition or to execute arbitrary code. (CVE-2015-1152, CVE-2015-1153, and CVE-2015-1154) - An information disclosure vulnerability in WebKit History exists due to a state management flaw and improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to disclose sensitive information from the file system. (CVE-2015-1155) - A flaw exists in WebKit Page Loading due to improper handling of rel attributes in anchor elements that allows target objects to get unauthorized access to link objects. A remote attacker can exploit this, via a specially crafted web page, to spoof the user interface. (CVE-2015-1156)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 83291
    published 2015-05-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83291
    title Mac OS X : Apple Safari < 6.2.6 / 7.1.6 / 8.0.6 Multiple Vulnerabilities
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_12_3_0_BANNER.NASL
    description The version of Apple iTunes running on the remote host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the WebKit, CoreText, and ICU components, and in the bundled version of the Microsoft Visual Studio C++ Redistributable Package. An attacker can exploit these vulnerabilities to cause a denial of service, execute arbitrary code, or gain access to encrypted SMB credentials. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 86601
    published 2015-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86601
    title Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)
  • NASL family Windows
    NASL id ITUNES_12_2_0.NASL
    description The version of Apple iTunes installed on the remote Windows host is prior to 12.2. It is, therefore, affected by multiple vulnerabilities in the bundled version of WebKit, including denial of service and arbitrary code execution vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 84504
    published 2015-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84504
    title Apple iTunes < 12.2 Multiple Vulnerabilities (credentialed check)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-340.NASL
    description This update for webkit2gtk3 fixes the following issues : - Update to version 2.10.7 : + Fix the build with GTK+ < 3.16. - Changes from version 2.10.6 : + Fix a deadlock in the Web Process when JavaScript garbage collector was running for a web worker thread that made google maps to hang. + Fix media controls displaying without controls attribute. + Fix a Web Process crash when quickly attempting many DnD operations. - Changes from version 2.10.5 : + Disable DNS prefetch when a proxy is configured. + Reduce the maximum simultaneous network connections to match other browsers. + Make WebKitWebView always propagate motion-notify-event signal. + Add a way to force accelerating compositing mode at runtime using an environment variable. + Fix input elements and scrollbars rendering with GTK+ 3.19. + Fix rendering of lines when using solid colors. + Fix UI process crashes related to not having a main resource response when the load is committed for pages restored from the history cache. + Fix a WebProcess crash when loading large contents with custom URI schemes API. + Fix a crash in the UI process when the WebView is destroyed while the screensaver DBus proxy is being created. + Fix WebProcess crashes due to BadDrawable X errors in accelerated compositing mode. + Fix crashes on PPC64 due to mprotect() on address not aligned to the page size. + Fix std::bad_function_call exception raised in dispatchDecidePolicyForNavigationAction. + Fix downloads of data URLs. + Fix runtime critical warnings when closing a page containing windowed plugins. + Fix several crashes and rendering issues. + Translation updates: French, German, Italian, Turkish. + Security fixes: CVE-2015-7096, CVE-2015-7098. - Update to version 2.10.4, notable changes : + New HTTP disk cache for the Network Process. + New Web Inspector UI. + Automatic ScreenServer inhibition when playing fullscreen videos. + Initial Editor API. + Performance improvements. - This update addresses the following security issues: CVE-2015-1122, CVE-2015-1152, CVE-2015-1155, CVE-2015-3660, CVE-2015-3730, CVE-2015-3738, CVE-2015-3740, CVE-2015-3742, CVE-2015-3744, CVE-2015-3746, CVE-2015-3750, CVE-2015-3751, CVE-2015-3754, CVE-2015-3755, CVE-2015-5804, CVE-2015-5805, CVE-2015-5807, CVE-2015-5810, CVE-2015-5813, CVE-2015-5814, CVE-2015-5815, CVE-2015-5817, CVE-2015-5818, CVE-2015-5825, CVE-2015-5827, CVE-2015-5828, CVE-2015-5929, CVE-2015-5930, CVE-2015-5931, CVE-2015-7002, CVE-2015-7013, CVE-2015-7014, CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7102, CVE-2015-7103, CVE-2015-7104 - Add BuildRequires: hyphen-devel to pick up hyphenation support. Note this is broken upstream. - Build with -DENABLE_DATABASE_PROCESS=OFF and -DENABLE_INDEXED_DATABASE=OFF to avoid an issue with GCC 4.8.
    last seen 2019-02-21
    modified 2016-03-16
    plugin id 89950
    published 2016-03-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89950
    title openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_12_2_0_BANNER.NASL
    description The version of Apple iTunes running on the remote host is prior to 12.2. It is, therefore, affected by multiple vulnerabilities due to memory corruption issues in the WebKit component. An attacker can exploit these to cause a denial of service or execute arbitrary code. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 86600
    published 2015-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86600
    title Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check)
  • NASL family Windows
    NASL id ITUNES_12_3_0.NASL
    description The version of Apple iTunes installed on the remote Windows host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the bundled versions of WebKit, CoreText, the Microsoft Visual Studio C++ Redistributable Package, and ICU. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 86001
    published 2015-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86001
    title Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)
refmap via4
apple
  • APPLE-SA-2015-05-06-1
  • APPLE-SA-2015-06-30-1
  • APPLE-SA-2015-06-30-6
  • APPLE-SA-2015-09-16-3
bid 74525
confirm
sectrack 1032270
suse openSUSE-SU-2016:0761
Last major update 02-12-2016 - 22:03
Published 07-05-2015 - 20:59
Back to Top