CVE-2015-1121

Sažetak

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.

Reference

http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html
http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html
http://www.securityfocus.com/bid/73972
http://www.securitytracker.com/id/1032047
https://support.apple.com/HT204658
https://support.apple.com/HT204661
https://support.apple.com/HT204662
https://support.apple.com/kb/HT204949

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-03-2019 - 16:06

Objavljeno

10-04-2015 - 14:59