cvelistv5 - cve-2015-1152

CVE-2015-1152 (GCVE-0-2015-1152)

Vulnerability from cvelistv5 – Published: 2015-05-08 00:00 – Updated: 2024-08-06 04:33

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	https://support.apple.com/HT205221	x_refsource_CONFIRM
	https://support.apple.com/HT204826	x_refsource_CONFIRM
	http://support.apple.com/kb/HT204941	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securityfocus.com/bid/74525	vdb-entryx_refsource_BID
	http://lists.opensuse.org/opensuse-updates/2016-0…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1032270	vdb-entryx_refsource_SECTRACK
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	https://support.apple.com/kb/HT204949	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:33:20.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205221"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT204826"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT204941"
          },
          {
            "name": "APPLE-SA-2015-06-30-6",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
          },
          {
            "name": "74525",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74525"
          },
          {
            "name": "openSUSE-SU-2016:0761",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
          },
          {
            "name": "1032270",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032270"
          },
          {
            "name": "APPLE-SA-2015-09-16-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT204949"
          },
          {
            "name": "APPLE-SA-2015-06-30-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
          },
          {
            "name": "APPLE-SA-2015-05-06-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T16:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205221"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT204826"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT204941"
        },
        {
          "name": "APPLE-SA-2015-06-30-6",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
        },
        {
          "name": "74525",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74525"
        },
        {
          "name": "openSUSE-SU-2016:0761",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
        },
        {
          "name": "1032270",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032270"
        },
        {
          "name": "APPLE-SA-2015-09-16-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT204949"
        },
        {
          "name": "APPLE-SA-2015-06-30-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
        },
        {
          "name": "APPLE-SA-2015-05-06-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2015-1152",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/HT205221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205221"
            },
            {
              "name": "https://support.apple.com/HT204826",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT204826"
            },
            {
              "name": "http://support.apple.com/kb/HT204941",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT204941"
            },
            {
              "name": "APPLE-SA-2015-06-30-6",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
            },
            {
              "name": "74525",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74525"
            },
            {
              "name": "openSUSE-SU-2016:0761",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
            },
            {
              "name": "1032270",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032270"
            },
            {
              "name": "APPLE-SA-2015-09-16-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
            },
            {
              "name": "https://support.apple.com/kb/HT204949",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT204949"
            },
            {
              "name": "APPLE-SA-2015-06-30-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
            },
            {
              "name": "APPLE-SA-2015-05-06-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2015-1152",
    "datePublished": "2015-05-08T00:00:00",
    "dateReserved": "2015-01-16T00:00:00",
    "dateUpdated": "2024-08-06T04:33:20.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.3\", \"matchCriteriaId\": \"EB31BE7C-CB6D-447E-AFF8-618998950FC5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.2\", \"matchCriteriaId\": \"C417D4CD-EC8C-4572-A017-F571CD6A2F78\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.2.5\", \"matchCriteriaId\": \"C2354C83-9358-405A-9336-38D43BA143AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"391B4255-4434-4EB3-929B-3E593D9CD249\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40B87D10-55B3-42E7-8FF6-93EDF003337D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49457917-495E-4D17-A0AB-D2A163D4721D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"223B13DA-9328-46C2-8426-3182D55E6669\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD636DF3-E590-4603-9D18-CC2375A97750\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0F8336F-D0F8-4337-9DF6-51B60F8A2E9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79C2EF49-A9F0-4612-903A-A3A95805277E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E1934F2-5917-4C15-8869-82C557BF430D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"845A67F0-7BE6-482C-AE49-D8E9B272BA6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A5C7D83-EA9E-4E26-910D-8471252723EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE29EE2D-9EA8-4486-BC3F-B0CCF9C396F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FDB5E2A-F3BD-4500-922E-A191C45DE93C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E55F641-AC7F-41AD-BB6A-F69831DAD49E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.\"}, {\"lang\": \"es\", \"value\": \"WebKit, utilizado en Apple Safari anterior a 6.2.6, 7.x anterior a 7.1.6, y 8.x anterior a 8.0.6, permite a atacantes remotos ejecutar c\\u00f3digo arbitrario o causar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria y ca\\u00edda de aplicaci\\u00f3n) a trav\\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a CVE-2015-1153 y CVE-2015-1154.\"}]",
      "id": "CVE-2015-1152",
      "lastModified": "2024-11-21T02:24:47.150",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2015-05-08T00:59:00.077",
      "references": "[{\"url\": \"http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/May/msg00000.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\", \"source\": \"product-security@apple.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://support.apple.com/kb/HT204941\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/74525\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://www.securitytracker.com/id/1032270\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/HT204826\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT205221\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT204949\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/May/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.apple.com/kb/HT204941\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/74525\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1032270\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT204826\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT205221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT204949\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "product-security@apple.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-1152\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2015-05-08T00:59:00.077\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.\"},{\"lang\":\"es\",\"value\":\"WebKit, utilizado en Apple Safari anterior a 6.2.6, 7.x anterior a 7.1.6, y 8.x anterior a 8.0.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a CVE-2015-1153 y CVE-2015-1154.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.3\",\"matchCriteriaId\":\"EB31BE7C-CB6D-447E-AFF8-618998950FC5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.2\",\"matchCriteriaId\":\"C417D4CD-EC8C-4572-A017-F571CD6A2F78\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.2.5\",\"matchCriteriaId\":\"C2354C83-9358-405A-9336-38D43BA143AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"391B4255-4434-4EB3-929B-3E593D9CD249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40B87D10-55B3-42E7-8FF6-93EDF003337D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49457917-495E-4D17-A0AB-D2A163D4721D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"223B13DA-9328-46C2-8426-3182D55E6669\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD636DF3-E590-4603-9D18-CC2375A97750\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0F8336F-D0F8-4337-9DF6-51B60F8A2E9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79C2EF49-A9F0-4612-903A-A3A95805277E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E1934F2-5917-4C15-8869-82C557BF430D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"845A67F0-7BE6-482C-AE49-D8E9B272BA6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A5C7D83-EA9E-4E26-910D-8471252723EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE29EE2D-9EA8-4486-BC3F-B0CCF9C396F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FDB5E2A-F3BD-4500-922E-A191C45DE93C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E55F641-AC7F-41AD-BB6A-F69831DAD49E\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/May/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT204941\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/74525\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id/1032270\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/HT204826\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT205221\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT204949\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/May/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT204941\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/74525\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032270\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT204826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT205221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT204949\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2015-AVI-206

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple Safari. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	Safari	Safari 6.2.6
Apple	Safari	Safari 7.1.6
Apple	Safari	Safari 8.0.6

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 04 mai 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Safari 6.2.6",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari 7.1.6",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari 8.0.6",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-1156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1156"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2015-1154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1154"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2015-1155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1155"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-206",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-05-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple Safari\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 04 mai 2015",
      "url": "https://support.apple.com/fr-fr/HT204826"
    }
  ]
}

CERTFR-2015-AVI-272

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple iOS. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 30 juin 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003e\u003c/p\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-3687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3687"
    },
    {
      "name": "CVE-2015-3658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3658"
    },
    {
      "name": "CVE-2015-3686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3686"
    },
    {
      "name": "CVE-2013-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1741"
    },
    {
      "name": "CVE-2015-1156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1156"
    },
    {
      "name": "CVE-2015-3685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3685"
    },
    {
      "name": "CVE-2014-8130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8130"
    },
    {
      "name": "CVE-2015-3690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3690"
    },
    {
      "name": "CVE-2014-8129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8129"
    },
    {
      "name": "CVE-2015-3724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3724"
    },
    {
      "name": "CVE-2015-3725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3725"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2015-3689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3689"
    },
    {
      "name": "CVE-2015-3710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3710"
    },
    {
      "name": "CVE-2015-4000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4000"
    },
    {
      "name": "CVE-2015-3694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3694"
    },
    {
      "name": "CVE-2014-8128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8128"
    },
    {
      "name": "CVE-2015-3719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3719"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2015-3721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3721"
    },
    {
      "name": "CVE-2015-3684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3684"
    },
    {
      "name": "CVE-2015-3723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3723"
    },
    {
      "name": "CVE-2015-3659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3659"
    },
    {
      "name": "CVE-2015-3688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3688"
    },
    {
      "name": "CVE-2015-3717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3717"
    },
    {
      "name": "CVE-2015-3722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3722"
    },
    {
      "name": "CVE-2015-1155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1155"
    },
    {
      "name": "CVE-2015-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1157"
    },
    {
      "name": "CVE-2015-3726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3726"
    },
    {
      "name": "CVE-2014-8127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8127"
    },
    {
      "name": "CVE-2015-3703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3703"
    },
    {
      "name": "CVE-2015-3727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3727"
    },
    {
      "name": "CVE-2015-3728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3728"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-272",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-07-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iOS\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 30 juin 2015",
      "url": "https://support.apple.com/en-us/HT204941"
    }
  ]
}

CERTFR-2015-AVI-398

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple iTunes. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iTunes version antérieure à 12.3

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT205221 du 16 septembre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple iTunes version ant\u00e9rieure \u00e0 12.3\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-3687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3687"
    },
    {
      "name": "CVE-2015-3686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3686"
    },
    {
      "name": "CVE-2015-5817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5817"
    },
    {
      "name": "CVE-2015-3743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3743"
    },
    {
      "name": "CVE-2015-5793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5793"
    },
    {
      "name": "CVE-2015-3734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3734"
    },
    {
      "name": "CVE-2015-5816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5816"
    },
    {
      "name": "CVE-2015-5797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5797"
    },
    {
      "name": "CVE-2015-5815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5815"
    },
    {
      "name": "CVE-2015-3733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3733"
    },
    {
      "name": "CVE-2015-5792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5792"
    },
    {
      "name": "CVE-2015-5798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5798"
    },
    {
      "name": "CVE-2015-3744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3744"
    },
    {
      "name": "CVE-2015-5808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5808"
    },
    {
      "name": "CVE-2015-5822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5822"
    },
    {
      "name": "CVE-2015-3749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3749"
    },
    {
      "name": "CVE-2015-3731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3731"
    },
    {
      "name": "CVE-2015-3745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3745"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2015-3746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3746"
    },
    {
      "name": "CVE-2015-5874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5874"
    },
    {
      "name": "CVE-2015-5789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5789"
    },
    {
      "name": "CVE-2015-3730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3730"
    },
    {
      "name": "CVE-2015-5806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5806"
    },
    {
      "name": "CVE-2015-3738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3738"
    },
    {
      "name": "CVE-2015-5805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5805"
    },
    {
      "name": "CVE-2015-5811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5811"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2015-3747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3747"
    },
    {
      "name": "CVE-2015-3740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3740"
    },
    {
      "name": "CVE-2015-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1205"
    },
    {
      "name": "CVE-2010-3190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3190"
    },
    {
      "name": "CVE-2015-5819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5819"
    },
    {
      "name": "CVE-2015-5810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5810"
    },
    {
      "name": "CVE-2015-5804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5804"
    },
    {
      "name": "CVE-2015-5761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5761"
    },
    {
      "name": "CVE-2015-5818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5818"
    },
    {
      "name": "CVE-2015-5807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5807"
    },
    {
      "name": "CVE-2015-5802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5802"
    },
    {
      "name": "CVE-2015-5814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5814"
    },
    {
      "name": "CVE-2015-3688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3688"
    },
    {
      "name": "CVE-2015-3739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3739"
    },
    {
      "name": "CVE-2015-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3736"
    },
    {
      "name": "CVE-2015-5920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5920"
    },
    {
      "name": "CVE-2015-5803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5803"
    },
    {
      "name": "CVE-2015-5812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5812"
    },
    {
      "name": "CVE-2015-5791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5791"
    },
    {
      "name": "CVE-2015-5755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5755"
    },
    {
      "name": "CVE-2015-5823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5823"
    },
    {
      "name": "CVE-2015-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1157"
    },
    {
      "name": "CVE-2015-5801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5801"
    },
    {
      "name": "CVE-2015-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3737"
    },
    {
      "name": "CVE-2015-5800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5800"
    },
    {
      "name": "CVE-2015-5813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5813"
    },
    {
      "name": "CVE-2015-5795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5795"
    },
    {
      "name": "CVE-2015-5799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5799"
    },
    {
      "name": "CVE-2015-5794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5794"
    },
    {
      "name": "CVE-2015-5790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5790"
    },
    {
      "name": "CVE-2015-5809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5809"
    },
    {
      "name": "CVE-2015-5796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5796"
    },
    {
      "name": "CVE-2015-5821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5821"
    },
    {
      "name": "CVE-2015-3748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3748"
    },
    {
      "name": "CVE-2014-8146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8146"
    },
    {
      "name": "CVE-2015-3741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3741"
    },
    {
      "name": "CVE-2015-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3735"
    },
    {
      "name": "CVE-2015-3742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3742"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-398",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-09-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iTunes\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT205221 du 16 septembre 2015",
      "url": "https://support.apple.com/fr-fr/HT205221"
    }
  ]
}

CERTFR-2015-AVI-275

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple iTunes. Elles permettent à un attaquant de provoquer une exécution de code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

iTunes versions antérieures à 12.2

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT204949 du 01 juillet 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eiTunes versions ant\u00e9rieures \u00e0 12.2\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1076"
    },
    {
      "name": "CVE-2015-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1073"
    },
    {
      "name": "CVE-2015-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1075"
    },
    {
      "name": "CVE-2014-4452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4452"
    },
    {
      "name": "CVE-2015-1122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1122"
    },
    {
      "name": "CVE-2015-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1078"
    },
    {
      "name": "CVE-2014-4469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4469"
    },
    {
      "name": "CVE-2015-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1074"
    },
    {
      "name": "CVE-2015-1070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1070"
    },
    {
      "name": "CVE-2014-4479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4479"
    },
    {
      "name": "CVE-2015-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1077"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2014-4459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4459"
    },
    {
      "name": "CVE-2015-1154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1154"
    },
    {
      "name": "CVE-2014-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4470"
    },
    {
      "name": "CVE-2015-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1081"
    },
    {
      "name": "CVE-2015-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1079"
    },
    {
      "name": "CVE-2014-3192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3192"
    },
    {
      "name": "CVE-2015-1068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1068"
    },
    {
      "name": "CVE-2015-1120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1120"
    },
    {
      "name": "CVE-2015-1082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1082"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2014-4471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4471"
    },
    {
      "name": "CVE-2015-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1071"
    },
    {
      "name": "CVE-2014-4475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4475"
    },
    {
      "name": "CVE-2015-1072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1072"
    },
    {
      "name": "CVE-2015-1080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1080"
    },
    {
      "name": "CVE-2014-4473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4473"
    },
    {
      "name": "CVE-2014-4468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4468"
    },
    {
      "name": "CVE-2014-4474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4474"
    },
    {
      "name": "CVE-2014-4466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4466"
    },
    {
      "name": "CVE-2014-4472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4472"
    },
    {
      "name": "CVE-2015-1119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1119"
    },
    {
      "name": "CVE-2014-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4476"
    },
    {
      "name": "CVE-2015-1124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1124"
    },
    {
      "name": "CVE-2015-1121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1121"
    },
    {
      "name": "CVE-2014-4477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4477"
    },
    {
      "name": "CVE-2015-1083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1083"
    },
    {
      "name": "CVE-2015-1069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1069"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-275",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-07-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iTunes\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204949 du 01 juillet 2015",
      "url": "https://support.apple.com/en-us/HT204949"
    }
  ]
}

CERTFR-2015-AVI-398

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iTunes version antérieure à 12.3

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT205221 du 16 septembre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple iTunes version ant\u00e9rieure \u00e0 12.3\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-3687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3687"
    },
    {
      "name": "CVE-2015-3686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3686"
    },
    {
      "name": "CVE-2015-5817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5817"
    },
    {
      "name": "CVE-2015-3743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3743"
    },
    {
      "name": "CVE-2015-5793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5793"
    },
    {
      "name": "CVE-2015-3734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3734"
    },
    {
      "name": "CVE-2015-5816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5816"
    },
    {
      "name": "CVE-2015-5797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5797"
    },
    {
      "name": "CVE-2015-5815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5815"
    },
    {
      "name": "CVE-2015-3733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3733"
    },
    {
      "name": "CVE-2015-5792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5792"
    },
    {
      "name": "CVE-2015-5798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5798"
    },
    {
      "name": "CVE-2015-3744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3744"
    },
    {
      "name": "CVE-2015-5808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5808"
    },
    {
      "name": "CVE-2015-5822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5822"
    },
    {
      "name": "CVE-2015-3749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3749"
    },
    {
      "name": "CVE-2015-3731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3731"
    },
    {
      "name": "CVE-2015-3745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3745"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2015-3746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3746"
    },
    {
      "name": "CVE-2015-5874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5874"
    },
    {
      "name": "CVE-2015-5789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5789"
    },
    {
      "name": "CVE-2015-3730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3730"
    },
    {
      "name": "CVE-2015-5806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5806"
    },
    {
      "name": "CVE-2015-3738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3738"
    },
    {
      "name": "CVE-2015-5805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5805"
    },
    {
      "name": "CVE-2015-5811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5811"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2015-3747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3747"
    },
    {
      "name": "CVE-2015-3740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3740"
    },
    {
      "name": "CVE-2015-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1205"
    },
    {
      "name": "CVE-2010-3190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3190"
    },
    {
      "name": "CVE-2015-5819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5819"
    },
    {
      "name": "CVE-2015-5810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5810"
    },
    {
      "name": "CVE-2015-5804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5804"
    },
    {
      "name": "CVE-2015-5761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5761"
    },
    {
      "name": "CVE-2015-5818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5818"
    },
    {
      "name": "CVE-2015-5807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5807"
    },
    {
      "name": "CVE-2015-5802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5802"
    },
    {
      "name": "CVE-2015-5814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5814"
    },
    {
      "name": "CVE-2015-3688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3688"
    },
    {
      "name": "CVE-2015-3739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3739"
    },
    {
      "name": "CVE-2015-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3736"
    },
    {
      "name": "CVE-2015-5920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5920"
    },
    {
      "name": "CVE-2015-5803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5803"
    },
    {
      "name": "CVE-2015-5812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5812"
    },
    {
      "name": "CVE-2015-5791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5791"
    },
    {
      "name": "CVE-2015-5755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5755"
    },
    {
      "name": "CVE-2015-5823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5823"
    },
    {
      "name": "CVE-2015-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1157"
    },
    {
      "name": "CVE-2015-5801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5801"
    },
    {
      "name": "CVE-2015-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3737"
    },
    {
      "name": "CVE-2015-5800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5800"
    },
    {
      "name": "CVE-2015-5813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5813"
    },
    {
      "name": "CVE-2015-5795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5795"
    },
    {
      "name": "CVE-2015-5799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5799"
    },
    {
      "name": "CVE-2015-5794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5794"
    },
    {
      "name": "CVE-2015-5790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5790"
    },
    {
      "name": "CVE-2015-5809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5809"
    },
    {
      "name": "CVE-2015-5796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5796"
    },
    {
      "name": "CVE-2015-5821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5821"
    },
    {
      "name": "CVE-2015-3748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3748"
    },
    {
      "name": "CVE-2014-8146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8146"
    },
    {
      "name": "CVE-2015-3741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3741"
    },
    {
      "name": "CVE-2015-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3735"
    },
    {
      "name": "CVE-2015-3742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3742"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-398",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-09-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iTunes\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT205221 du 16 septembre 2015",
      "url": "https://support.apple.com/fr-fr/HT205221"
    }
  ]
}

CERTFR-2015-AVI-272

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 30 juin 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003e\u003c/p\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-3687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3687"
    },
    {
      "name": "CVE-2015-3658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3658"
    },
    {
      "name": "CVE-2015-3686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3686"
    },
    {
      "name": "CVE-2013-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1741"
    },
    {
      "name": "CVE-2015-1156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1156"
    },
    {
      "name": "CVE-2015-3685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3685"
    },
    {
      "name": "CVE-2014-8130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8130"
    },
    {
      "name": "CVE-2015-3690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3690"
    },
    {
      "name": "CVE-2014-8129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8129"
    },
    {
      "name": "CVE-2015-3724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3724"
    },
    {
      "name": "CVE-2015-3725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3725"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2015-3689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3689"
    },
    {
      "name": "CVE-2015-3710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3710"
    },
    {
      "name": "CVE-2015-4000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4000"
    },
    {
      "name": "CVE-2015-3694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3694"
    },
    {
      "name": "CVE-2014-8128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8128"
    },
    {
      "name": "CVE-2015-3719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3719"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2015-3721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3721"
    },
    {
      "name": "CVE-2015-3684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3684"
    },
    {
      "name": "CVE-2015-3723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3723"
    },
    {
      "name": "CVE-2015-3659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3659"
    },
    {
      "name": "CVE-2015-3688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3688"
    },
    {
      "name": "CVE-2015-3717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3717"
    },
    {
      "name": "CVE-2015-3722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3722"
    },
    {
      "name": "CVE-2015-1155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1155"
    },
    {
      "name": "CVE-2015-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1157"
    },
    {
      "name": "CVE-2015-3726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3726"
    },
    {
      "name": "CVE-2014-8127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8127"
    },
    {
      "name": "CVE-2015-3703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3703"
    },
    {
      "name": "CVE-2015-3727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3727"
    },
    {
      "name": "CVE-2015-3728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3728"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-272",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-07-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iOS\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 30 juin 2015",
      "url": "https://support.apple.com/en-us/HT204941"
    }
  ]
}

CERTFR-2015-AVI-275

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple iTunes. Elles permettent à un attaquant de provoquer une exécution de code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

iTunes versions antérieures à 12.2

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT204949 du 01 juillet 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eiTunes versions ant\u00e9rieures \u00e0 12.2\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1076"
    },
    {
      "name": "CVE-2015-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1073"
    },
    {
      "name": "CVE-2015-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1075"
    },
    {
      "name": "CVE-2014-4452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4452"
    },
    {
      "name": "CVE-2015-1122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1122"
    },
    {
      "name": "CVE-2015-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1078"
    },
    {
      "name": "CVE-2014-4469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4469"
    },
    {
      "name": "CVE-2015-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1074"
    },
    {
      "name": "CVE-2015-1070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1070"
    },
    {
      "name": "CVE-2014-4479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4479"
    },
    {
      "name": "CVE-2015-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1077"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2014-4459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4459"
    },
    {
      "name": "CVE-2015-1154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1154"
    },
    {
      "name": "CVE-2014-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4470"
    },
    {
      "name": "CVE-2015-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1081"
    },
    {
      "name": "CVE-2015-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1079"
    },
    {
      "name": "CVE-2014-3192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3192"
    },
    {
      "name": "CVE-2015-1068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1068"
    },
    {
      "name": "CVE-2015-1120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1120"
    },
    {
      "name": "CVE-2015-1082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1082"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2014-4471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4471"
    },
    {
      "name": "CVE-2015-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1071"
    },
    {
      "name": "CVE-2014-4475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4475"
    },
    {
      "name": "CVE-2015-1072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1072"
    },
    {
      "name": "CVE-2015-1080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1080"
    },
    {
      "name": "CVE-2014-4473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4473"
    },
    {
      "name": "CVE-2014-4468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4468"
    },
    {
      "name": "CVE-2014-4474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4474"
    },
    {
      "name": "CVE-2014-4466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4466"
    },
    {
      "name": "CVE-2014-4472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4472"
    },
    {
      "name": "CVE-2015-1119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1119"
    },
    {
      "name": "CVE-2014-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4476"
    },
    {
      "name": "CVE-2015-1124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1124"
    },
    {
      "name": "CVE-2015-1121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1121"
    },
    {
      "name": "CVE-2014-4477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4477"
    },
    {
      "name": "CVE-2015-1083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1083"
    },
    {
      "name": "CVE-2015-1069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1069"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-275",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-07-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple iTunes\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT204949 du 01 juillet 2015",
      "url": "https://support.apple.com/en-us/HT204949"
    }
  ]
}

CERTFR-2015-AVI-206

Vulnerability from certfr_avis - Published: - Updated:

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	Safari	Safari 6.2.6
Apple	Safari	Safari 7.1.6
Apple	Safari	Safari 8.0.6

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 04 mai 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Safari 6.2.6",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari 7.1.6",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari 8.0.6",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-1156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1156"
    },
    {
      "name": "CVE-2015-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1152"
    },
    {
      "name": "CVE-2015-1154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1154"
    },
    {
      "name": "CVE-2015-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1153"
    },
    {
      "name": "CVE-2015-1155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1155"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-206",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-05-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple Safari\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 04 mai 2015",
      "url": "https://support.apple.com/fr-fr/HT204826"
    }
  ]
}

VAR-201505-0081

Vulnerability from variot - Updated: 2023-12-18 11:07

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. The following versions are affected: Apple Safari prior to 6.2.6, 7.x prior to 7.1.6, and 8.x prior to 8.0.6. Miller of Google CVE-2015-5823 : Apple

Software Update Impact: An attacker in a privileged network position may be able to obtain encrypted SMB credentials Description: A redirection issue existed in the handling of certain network connections. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

APPLE-SA-2015-06-30-1 iOS 8.4

iOS 8.4 is now available and addresses the following:

Application Store Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious universal provisioning profile app may prevent apps from launching Description: An issue existed in the install logic for universal provisioning profile apps, which allowed a collision to occur with existing bundle IDs. This issue was addressed through improved collision checking. CVE-ID CVE-2015-3722 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from FireEye, Inc.

Certificate Trust Policy Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to intercept network traffic Description: An intermediate certificate was incorrectly issued by the certificate authority CNNIC. This issue was addressed through the addition of a mechanism to trust only a subset of certificates issued prior to the mis-issuance of the intermediate. Further details are available at https://support.apple.com/en-us/HT204938

Certificate Trust Policy Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT204132

CFNetwork HTTPAuthentication Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Following a maliciously crafted URL may lead to arbitrary code execution Description: A memory corruption issue existed in handling of certain URL credentials. This issue was addressed with improved memory handling. CVE-ID CVE-2015-3684 : Apple

CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of ICC profiles. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3723 : chaithanya (SegFault) working with HP's Zero Day Initiative CVE-2015-3724 : WanderingGlitch of HP's Zero Day Initiative

CoreText Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted text file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-1157 CVE-2015-3685 : Apple CVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3689 : Apple

coreTLS Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: coreTLS accepted short ephemeral Diffie-Hellman (DH) keys, as used in export-strength ephemeral DH cipher suites. This issue, also known as Logjam, allowed an attacker with a privileged network position to downgrade security to 512-bit DH if the server supported an export-strength ephemeral DH cipher suite. The issue was addressed by increasing the default minimum size allowed for DH ephemeral keys to 768 bits. CVE-ID CVE-2015-4000 : The weakdh team at weakdh.org, Hanno Boeck

DiskImages Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue existed in the processing of disk images. This issue was addressed through improved memory management. CVE-ID CVE-2015-3690 : Peter Rutenbar working with HP's Zero Day Initiative

FontParser Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of font files. These issues were addressed through improved input validation. CVE-ID CVE-2015-3694 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3719 : John Villamil (@day6reak), Yahoo Pentest Team

ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted .tiff file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of .tiff files. This issue was addressed with improved bounds checking. CVE-ID CVE-2015-3703 : Apple

ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities exist in libtiff, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. They were addressed by updating libtiff to version 4.0.4. CVE-ID CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130

Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to determine kernel memory layout Description: A memory management issue existed in the handling of HFS parameters which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management. CVE-ID CVE-2015-3721 : Ian Beer of Google Project Zero

Mail Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted email can replace the message content with an arbitrary webpage when the message is viewed Description: An issue existed in the support for HTML email which allowed message content to be refreshed with an arbitrary webpage. The issue was addressed through restricted support for HTML content. CVE-ID CVE-2015-3710 : Aaron Sigel of vtty.com, Jan Soucek

MobileInstallation Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious universal provisioning profile app can prevent a Watch app from launching Description: An issue existed in the install logic for universal provisioning profile apps on the Watch which allowed a collision to occur with existing bundle IDs. This issue was addressed through improved collision checking. CVE-ID CVE-2015-3725 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from FireEye, Inc.

Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may compromise user information on the filesystem Description: A state management issue existed in Safari that allowed unprivileged origins to access contents on the filesystem. This issue was addressed through improved state management. CVE-ID CVE-2015-1155 : Joe Vennix of Rapid7 Inc. working with HP's Zero Day Initiative

Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to account takeover Description: An issue existed where Safari would preserve the Origin request header for cross-origin redirects, allowing malicious websites to circumvent CSRF protections. The issue was addressed through improved handling of redirects. CVE-ID CVE-2015-3658 : Brad Hill of Facebook

Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the Security framework code for parsing S/MIME e-mail and some other signed or encrypted objects. This issue was addressed through improved validity checking. CVE-ID CVE-2013-1741

SQLite Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: Multiple buffer overflows existed in SQLite's printf implementation. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-3717 : Peter Rutenbar working with HP's Zero Day Initiative

Telephony Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Maliciously crafted SIM cards may lead to arbitrary code execution Description: Multiple input validation issues existed in the parsing of SIM/UIM payloads. These issues were addressed through improved payload validation. CVE-ID CVE-2015-3726 : Matt Spisak of Endgame

WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An issue existed in the handling of the rel attribute in anchor elements. Target objects could get unauthorized access to link objects. This issue was addressed through improved link type adherence. CVE-ID CVE-2015-1156 : Zachary Durber of Moodle

WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-1152 : Apple CVE-2015-1153 : Apple

WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution Description: An insufficient comparison issue existed in SQLite authorizer which allowed invocation of arbitrary SQL functions. This issue was addressed with improved authorization checks. CVE-ID CVE-2015-3659 : Peter Rutenbar working with HP's Zero Day Initiative

WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted website can access the WebSQL databases of other websites Description: An issue existed in the authorization checks for renaming WebSQL tables which could have allowed a maliciously crafted website to access databases belonging to other websites. This was addressed through improved authorization checks. CVE-ID CVE-2015-3727 : Peter Rutenbar working with HP's Zero Day Initiative

WiFi Connectivity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: iOS devices may auto-associate with untrusted access points advertising a known ESSID but with a downgraded security type Description: An insufficient comparison issue existed in WiFi manager's evaluation of known access point advertisements. This issue was addressed through improved matching of security parameters. CVE-ID CVE-2015-3728 : Brian W. Gray of Carnegie Mellon University, Craig Young from TripWire

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

Navigate to Settings
Select General
Select About. The version after applying this update will be "8.4".

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJVkr+6AAoJEBcWfLTuOo7tfDwP/1db2KLgQP+Pyb6av5awgS4m hQul1ihU0JO8jAI2ww345v6jMFq7MIAs82DobbRwqtI97aTep5bieqr5qUautlFz NtC4VQ5PsAyEoTo0cOSpvFOV3av6BdwFeNTI4w39n+bvKn6YUSJD0zswknUtI/G7 lpFx/KxvKBkXBhWWCg3cyVlo3Jap88svlyh9MZ+C0BYFyjZ+ZjYMlDZ6FdzRyBxI 4RHaXUFrtMQk3JAeIadSbevOH2mUwlCB9vDmFOC5BFTrMYV8nd3gyXMy924wLQli l3gtx+Kgq3+i71Zay7HGmshv06vZop8X82fC/lNZmTQFfNABLLug0ve0tLH9+IRm 516Yb4UxUZ51Pnhbv1wvwqATGoJpK4oFXHsTx0rCVpkcxGMLmeYRyaxQYBUzh+ns +9tcuqIBsvVudY8LGAF4yUxkmt2K5N6mqu9x+KqVmiI9M7DbBoc+AUNVJpoiEGmt qB/eqkpGYKvHal3UEV6P3sSM3gBrzb5aFYNa8R31/cE8U+INeKTwd99KNoixJa9y /rNOSnuwKsuD33NFUpOJo/MW70ts3BrjN8eIvtnZ7/GHVljkQde7LCCJ2k2iQWTW lp+C5jWsR/2qXoCkG1p2oipBP/2OKo9wRzklkOo+1LJiWY18r/FlRMWqfkFUyMrK +NEpxWhe8ytzIFIkrXDt =iv++ -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201505-0081",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "apple",
        "version": "12.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "8.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.1.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "8.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "8.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "8.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.1.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "7.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "8.0.3"
      },
      {
        "model": "itunes",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "12.2"
      },
      {
        "model": "safari",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.2.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.0.0"
      },
      {
        "model": "iphone os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "apple",
        "version": "6.2.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.2.6"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(ipad 2 or later )"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.1.6"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x yosemite v10.10.3)"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.4"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.x (os x yosemite v10.10.3)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x mountain lion v10.8.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x yosemite v10.10.3)"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.0.6"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(windows 7) (ht204949)"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(iphone 4s or later )"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x mountain lion v10.8.5)"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(ipod touch first  5 after generation )"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.x (os x mountain lion v10.8.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(os x mavericks v10.9.5)"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x (os x mavericks v10.9.5)"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(windows 7 or later ) (ht205221)"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "12.3"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.x (os x mavericks v10.9.5)"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "(windows 8) (ht204949)"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4.0.80"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0.2.20"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4.1.10"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.6"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.2.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1.8"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.2"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.8"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.2.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.31"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1.1.4"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.6.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "itunes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "12.3"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "64"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1.1"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.8.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1.3"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.2.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.7.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.7"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.4"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.8.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.2"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.8"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.4.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.5"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.6.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.34"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.7.4"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.2.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.2.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "itunes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "12.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2.12"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5.1.42"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "12.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.7"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.6.6"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.4"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.7.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.52"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.6.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.31"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.28"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0.3"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.3.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.8"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.1.1"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0.3"
      },
      {
        "model": "ios for developer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.6.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2.2"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.6"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.33"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.0.163"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.30"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.72"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6.1.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "11.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "9.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.6.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "8.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.2.2"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.8.4"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "webkitgtk+ team webkitgtk+",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "the",
        "version": "2.4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "74525"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.2.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple",
    "sources": [
      {
        "db": "BID",
        "id": "74525"
      },
      {
        "db": "PACKETSTORM",
        "id": "133618"
      },
      {
        "db": "PACKETSTORM",
        "id": "132517"
      },
      {
        "db": "PACKETSTORM",
        "id": "131803"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2015-1152",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2015-1152",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-79113",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-1152",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201505-050",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-79113",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-1152",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79113"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154. Apple Safari Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. The following versions are affected: Apple Safari prior to 6.2.6, 7.x prior to 7.1.6, and 8.x prior to 8.0.6. Miller of Google\nCVE-2015-5823 : Apple\n\nSoftware Update\nImpact:  An attacker in a privileged network position may be able to\nobtain encrypted SMB credentials\nDescription:  A redirection issue existed in the handling of certain\nnetwork connections. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-06-30-1 iOS 8.4\n\niOS 8.4 is now available and addresses the following:\n\nApplication Store\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious universal provisioning profile app may prevent\napps from launching\nDescription:  An issue existed in the install logic for universal\nprovisioning profile apps, which allowed a collision to occur with\nexisting bundle IDs. This issue was addressed through improved\ncollision checking. \nCVE-ID\nCVE-2015-3722 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from\nFireEye, Inc. \n\nCertificate Trust Policy\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker with a privileged network position may be able\nto intercept network traffic\nDescription:  An intermediate certificate was incorrectly issued by\nthe certificate authority CNNIC. This issue was addressed through the\naddition of a mechanism to trust only a subset of certificates issued\nprior to the mis-issuance of the intermediate. Further details are\navailable at https://support.apple.com/en-us/HT204938\n\nCertificate Trust Policy\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Update to the certificate trust policy\nDescription:  The certificate trust policy was updated. The complete\nlist of certificates may be viewed at https://support.apple.com/en-\nus/HT204132\n\nCFNetwork HTTPAuthentication\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Following a maliciously crafted URL may lead to arbitrary\ncode execution\nDescription:  A memory corruption issue existed in handling of\ncertain URL credentials. This issue was addressed with improved\nmemory handling. \nCVE-ID\nCVE-2015-3684 : Apple\n\nCoreGraphics\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in the\nhandling of ICC profiles. These issues were addressed through\nimproved memory handling. \nCVE-ID\nCVE-2015-3723 : chaithanya (SegFault) working with HP\u0027s Zero Day\nInitiative\nCVE-2015-3724 : WanderingGlitch of HP\u0027s Zero Day Initiative\n\nCoreText\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Processing a maliciously crafted text file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in the\nprocessing of text files. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-1157\nCVE-2015-3685 : Apple\nCVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3689 : Apple\n\ncoreTLS\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription:  coreTLS accepted short ephemeral Diffie-Hellman (DH)\nkeys, as used in export-strength ephemeral DH cipher suites. This\nissue, also known as Logjam, allowed an attacker with a privileged\nnetwork position to downgrade security to 512-bit DH if the server\nsupported an export-strength ephemeral DH cipher suite. The issue was\naddressed by increasing the default minimum size allowed for DH\nephemeral keys to 768 bits. \nCVE-ID\nCVE-2015-4000 : The weakdh team at weakdh.org, Hanno Boeck\n\nDiskImages\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to determine kernel\nmemory layout\nDescription:  An information disclosure issue existed in the\nprocessing of disk images. This issue was addressed through improved\nmemory management. \nCVE-ID\nCVE-2015-3690 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nFontParser\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in the\nprocessing of font files. These issues were addressed through\nimproved input validation. \nCVE-ID\nCVE-2015-3694 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3719 : John Villamil (@day6reak), Yahoo Pentest Team\n\nImageIO\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Processing a maliciously crafted .tiff file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the processing of\n.tiff files. This issue was addressed with improved bounds checking. \nCVE-ID\nCVE-2015-3703 : Apple\n\nImageIO\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Multiple vulnerabilities exist in libtiff, the most serious\nof which may lead to arbitrary code execution\nDescription:  Multiple vulnerabilities existed in libtiff versions\nprior to 4.0.4. They were addressed by updating libtiff to version\n4.0.4. \nCVE-ID\nCVE-2014-8127\nCVE-2014-8128\nCVE-2014-8129\nCVE-2014-8130\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to determine kernel\nmemory layout\nDescription:  A memory management issue existed in the handling of\nHFS parameters which could have led to the disclosure of kernel\nmemory layout. This issue was addressed through improved memory\nmanagement. \nCVE-ID\nCVE-2015-3721 : Ian Beer of Google Project Zero\n\nMail\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A maliciously crafted email can replace the message content\nwith an arbitrary webpage when the message is viewed\nDescription:  An issue existed in the support for HTML email which\nallowed message content to be refreshed with an arbitrary webpage. \nThe issue was addressed through restricted support for HTML content. \nCVE-ID\nCVE-2015-3710 : Aaron Sigel of vtty.com, Jan Soucek\n\nMobileInstallation\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious universal provisioning profile app can prevent a\nWatch app from launching\nDescription:  An issue existed in the install logic for universal\nprovisioning profile apps on the Watch which allowed a collision to\noccur with existing bundle IDs. This issue was addressed through\nimproved collision checking. \nCVE-ID\nCVE-2015-3725 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from\nFireEye, Inc. \n\nSafari\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may compromise user\ninformation on the filesystem\nDescription:  A state management issue existed in Safari that allowed\nunprivileged origins to access contents on the filesystem. This issue\nwas addressed through improved state management. \nCVE-ID\nCVE-2015-1155 : Joe Vennix of Rapid7 Inc. working with HP\u0027s Zero Day\nInitiative\n\n\nSafari\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to account\ntakeover\nDescription:  An issue existed where Safari would preserve the Origin\nrequest header for cross-origin redirects, allowing malicious\nwebsites to circumvent CSRF protections. The issue was addressed\nthrough improved handling of redirects. \nCVE-ID\nCVE-2015-3658 : Brad Hill of Facebook\n\nSecurity\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription:  An integer overflow existed in the Security framework\ncode for parsing S/MIME e-mail and some other signed or encrypted\nobjects. This issue was addressed through improved validity checking. \nCVE-ID\nCVE-2013-1741\n\nSQLite\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription:  Multiple buffer overflows existed in SQLite\u0027s printf\nimplementation. These issues were addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-3717 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nTelephony\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Maliciously crafted SIM cards may lead to arbitrary code\nexecution\nDescription:  Multiple input validation issues existed in the parsing\nof SIM/UIM payloads. These issues were addressed through improved\npayload validation. \nCVE-ID\nCVE-2015-3726 : Matt Spisak of Endgame\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a malicious website by clicking a link may lead to\nuser interface spoofing\nDescription:  An issue existed in the handling of the rel attribute\nin anchor elements. Target objects could get unauthorized access to\nlink objects. This issue was addressed through improved link type\nadherence. \nCVE-ID\nCVE-2015-1156 : Zachary Durber of Moodle\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-1152 : Apple\nCVE-2015-1153 : Apple\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted webpage may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An insufficient comparison issue existed in SQLite\nauthorizer which allowed invocation of arbitrary SQL functions. This\nissue was addressed with improved authorization checks. \nCVE-ID\nCVE-2015-3659 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A maliciously crafted website can access the WebSQL\ndatabases of other websites\nDescription:  An issue existed in the authorization checks for\nrenaming WebSQL tables which could have allowed a maliciously crafted\nwebsite to access databases belonging to other websites. This was\naddressed through improved authorization checks. \nCVE-ID\nCVE-2015-3727 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nWiFi Connectivity\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  iOS devices may auto-associate with untrusted access points\nadvertising a known ESSID but with a downgraded security type\nDescription:  An insufficient comparison issue existed in WiFi\nmanager\u0027s evaluation of known access point advertisements. This issue\nwas addressed through improved matching of security parameters. \nCVE-ID\nCVE-2015-3728 : Brian W. Gray of Carnegie Mellon University, Craig\nYoung from TripWire\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"8.4\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJVkr+6AAoJEBcWfLTuOo7tfDwP/1db2KLgQP+Pyb6av5awgS4m\nhQul1ihU0JO8jAI2ww345v6jMFq7MIAs82DobbRwqtI97aTep5bieqr5qUautlFz\nNtC4VQ5PsAyEoTo0cOSpvFOV3av6BdwFeNTI4w39n+bvKn6YUSJD0zswknUtI/G7\nlpFx/KxvKBkXBhWWCg3cyVlo3Jap88svlyh9MZ+C0BYFyjZ+ZjYMlDZ6FdzRyBxI\n4RHaXUFrtMQk3JAeIadSbevOH2mUwlCB9vDmFOC5BFTrMYV8nd3gyXMy924wLQli\nl3gtx+Kgq3+i71Zay7HGmshv06vZop8X82fC/lNZmTQFfNABLLug0ve0tLH9+IRm\n516Yb4UxUZ51Pnhbv1wvwqATGoJpK4oFXHsTx0rCVpkcxGMLmeYRyaxQYBUzh+ns\n+9tcuqIBsvVudY8LGAF4yUxkmt2K5N6mqu9x+KqVmiI9M7DbBoc+AUNVJpoiEGmt\nqB/eqkpGYKvHal3UEV6P3sSM3gBrzb5aFYNa8R31/cE8U+INeKTwd99KNoixJa9y\n/rNOSnuwKsuD33NFUpOJo/MW70ts3BrjN8eIvtnZ7/GHVljkQde7LCCJ2k2iQWTW\nlp+C5jWsR/2qXoCkG1p2oipBP/2OKo9wRzklkOo+1LJiWY18r/FlRMWqfkFUyMrK\n+NEpxWhe8ytzIFIkrXDt\n=iv++\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "db": "BID",
        "id": "74525"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79113"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "db": "PACKETSTORM",
        "id": "133618"
      },
      {
        "db": "PACKETSTORM",
        "id": "132517"
      },
      {
        "db": "PACKETSTORM",
        "id": "131803"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-1152",
        "trust": 3.2
      },
      {
        "db": "BID",
        "id": "74525",
        "trust": 1.5
      },
      {
        "db": "SECTRACK",
        "id": "1032270",
        "trust": 1.2
      },
      {
        "db": "JVN",
        "id": "JVNVU94416388",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU99970459",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201505-050",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "64409",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "131803",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-79113",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-1152",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "133618",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "132517",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79113"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "db": "BID",
        "id": "74525"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "db": "PACKETSTORM",
        "id": "133618"
      },
      {
        "db": "PACKETSTORM",
        "id": "132517"
      },
      {
        "db": "PACKETSTORM",
        "id": "131803"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ]
  },
  "id": "VAR-201505-0081",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79113"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:07:48.178000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APPLE-SA-2015-09-16-3 iTunes 12.3",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00003.html"
      },
      {
        "title": "APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/may/msg00000.html"
      },
      {
        "title": "APPLE-SA-2015-06-30-1 iOS 8.4",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00001.html"
      },
      {
        "title": "APPLE-SA-2015-06-30-6 iTunes 12.2",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00006.html"
      },
      {
        "title": "HT204949",
        "trust": 0.8,
        "url": "http://support.apple.com/en-us/ht204949"
      },
      {
        "title": "HT204826",
        "trust": 0.8,
        "url": "http://support.apple.com/en-us/ht204826"
      },
      {
        "title": "HT205221",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht205221"
      },
      {
        "title": "HT204941",
        "trust": 0.8,
        "url": "http://support.apple.com/en-us/ht204941"
      },
      {
        "title": "HT204941",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/ht204941"
      },
      {
        "title": "HT204949",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/ht204949"
      },
      {
        "title": "HT204826",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/ht204826"
      },
      {
        "title": "HT205221",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/ht205221"
      },
      {
        "title": "Apple: Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=5390fb0ff76f6297e2be71c3845ae066"
      },
      {
        "title": "Apple: iTunes 12.2",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=2226f3b33d2757eb165213f6cbf380a9"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/apple-fixes-webkit-vulnerabilities-in-safari-browser/112670/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/may/msg00000.html"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/ht204826"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/74525"
      },
      {
        "trust": 1.2,
        "url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00001.html"
      },
      {
        "trust": 1.2,
        "url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00006.html"
      },
      {
        "trust": 1.2,
        "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00003.html"
      },
      {
        "trust": 1.2,
        "url": "http://support.apple.com/kb/ht204941"
      },
      {
        "trust": 1.2,
        "url": "https://support.apple.com/ht205221"
      },
      {
        "trust": 1.2,
        "url": "https://support.apple.com/kb/ht204949"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1032270"
      },
      {
        "trust": 1.2,
        "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1152"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu94416388/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu99970459/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1152"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/64409"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/safari/"
      },
      {
        "trust": 0.3,
        "url": "https://support.apple.com/en-ie/ht204949"
      },
      {
        "trust": 0.3,
        "url": "https://support.apple.com/en-us/ht205221"
      },
      {
        "trust": 0.3,
        "url": "https://support.apple.com/en-ie/ht204826"
      },
      {
        "trust": 0.3,
        "url": "http://webkitgtk.org/security/wsa-2015-0002.html"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1153"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1152"
      },
      {
        "trust": 0.3,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.3,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.2,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3687"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3688"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3686"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1157"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1155"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1156"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/kb/ht204826"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/apple-fixes-webkit-vulnerabilities-in-safari-browser/112670/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3741"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3736"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3730"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8146"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3190"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3748"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3749"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3738"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3744"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1205"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3746"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3742"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3731"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3734"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3740"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3743"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3747"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3735"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3737"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3745"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3739"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/itunes/download/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3684"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/itunes/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3719"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3658"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3724"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3685"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3703"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/en-us/ht204938"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8127"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1741"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8128"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8130"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3721"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3659"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3723"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3690"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/en-"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3689"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3710"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8129"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3717"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3722"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3694"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1154"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79113"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "db": "BID",
        "id": "74525"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "db": "PACKETSTORM",
        "id": "133618"
      },
      {
        "db": "PACKETSTORM",
        "id": "132517"
      },
      {
        "db": "PACKETSTORM",
        "id": "131803"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-79113"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "db": "BID",
        "id": "74525"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "db": "PACKETSTORM",
        "id": "133618"
      },
      {
        "db": "PACKETSTORM",
        "id": "132517"
      },
      {
        "db": "PACKETSTORM",
        "id": "131803"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-05-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-79113"
      },
      {
        "date": "2015-05-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "date": "2015-05-06T00:00:00",
        "db": "BID",
        "id": "74525"
      },
      {
        "date": "2015-05-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "date": "2015-09-19T15:35:19",
        "db": "PACKETSTORM",
        "id": "133618"
      },
      {
        "date": "2015-07-01T03:28:44",
        "db": "PACKETSTORM",
        "id": "132517"
      },
      {
        "date": "2015-05-07T15:53:40",
        "db": "PACKETSTORM",
        "id": "131803"
      },
      {
        "date": "2015-05-08T00:59:00.077000",
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "date": "2015-05-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-12-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-79113"
      },
      {
        "date": "2016-12-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-1152"
      },
      {
        "date": "2016-02-02T20:04:00",
        "db": "BID",
        "id": "74525"
      },
      {
        "date": "2015-10-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      },
      {
        "date": "2016-12-03T03:03:06.900000",
        "db": "NVD",
        "id": "CVE-2015-1152"
      },
      {
        "date": "2015-05-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201505-050"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple Safari Used in etc.  WebKit Vulnerable to arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002548"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "74525"
      }
    ],
    "trust": 0.3
  }
}

GHSA-XR42-288C-HWMJ

Vulnerability from github – Published: 2022-05-17 03:34 – Updated: 2022-05-17 03:34

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-1152"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-05-08T00:59:00Z",
    "severity": "MODERATE"
  },
  "details": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.",
  "id": "GHSA-xr42-288c-hwmj",
  "modified": "2022-05-17T03:34:22Z",
  "published": "2022-05-17T03:34:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1152"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT204826"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT205221"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT204949"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT204941"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/74525"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032270"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2015-1152

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-1152

Aliases

CVE-2015-1152

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-1152",
    "description": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.",
    "id": "GSD-2015-1152",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-1152.html",
      "https://advisories.mageia.org/CVE-2015-1152.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-1152"
      ],
      "details": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.",
      "id": "GSD-2015-1152",
      "modified": "2023-12-13T01:20:05.296534Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2015-1152",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.apple.com/HT205221",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT205221"
          },
          {
            "name": "https://support.apple.com/HT204826",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT204826"
          },
          {
            "name": "http://support.apple.com/kb/HT204941",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT204941"
          },
          {
            "name": "APPLE-SA-2015-06-30-6",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
          },
          {
            "name": "74525",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/74525"
          },
          {
            "name": "openSUSE-SU-2016:0761",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
          },
          {
            "name": "1032270",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1032270"
          },
          {
            "name": "APPLE-SA-2015-09-16-3",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
          },
          {
            "name": "https://support.apple.com/kb/HT204949",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT204949"
          },
          {
            "name": "APPLE-SA-2015-06-30-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
          },
          {
            "name": "APPLE-SA-2015-05-06-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.2.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2015-1152"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2015-05-06-1",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
            },
            {
              "name": "https://support.apple.com/HT204826",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT204826"
            },
            {
              "name": "74525",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/74525"
            },
            {
              "name": "1032270",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1032270"
            },
            {
              "name": "APPLE-SA-2015-06-30-6",
              "refsource": "APPLE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
            },
            {
              "name": "APPLE-SA-2015-06-30-1",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
            },
            {
              "name": "https://support.apple.com/kb/HT204949",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/kb/HT204949"
            },
            {
              "name": "http://support.apple.com/kb/HT204941",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT204941"
            },
            {
              "name": "https://support.apple.com/HT205221",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT205221"
            },
            {
              "name": "APPLE-SA-2015-09-16-3",
              "refsource": "APPLE",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
            },
            {
              "name": "openSUSE-SU-2016:0761",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2016-12-03T03:03Z",
      "publishedDate": "2015-05-08T00:59Z"
    }
  }
}

FKIE_CVE-2015-1152

Vulnerability from fkie_nvd - Published: 2015-05-08 00:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html	Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html	Patch, Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/May/msg00000.html	Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html	Patch, Vendor Advisory
product-security@apple.com	http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html
product-security@apple.com	http://support.apple.com/kb/HT204941	Vendor Advisory
product-security@apple.com	http://www.securityfocus.com/bid/74525
product-security@apple.com	http://www.securitytracker.com/id/1032270
product-security@apple.com	https://support.apple.com/HT204826	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT205221	Vendor Advisory
product-security@apple.com	https://support.apple.com/kb/HT204949	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/May/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT204941	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/74525
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032270
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT204826	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT205221	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT204949	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	iphone_os	*
apple	itunes	*
apple	safari	*
apple	safari	7.0
apple	safari	7.0.1
apple	safari	7.0.2
apple	safari	7.0.3
apple	safari	7.0.4
apple	safari	7.0.5
apple	safari	7.0.6
apple	safari	7.1.0
apple	safari	7.1.1
apple	safari	7.1.2
apple	safari	7.1.3
apple	safari	7.1.4
apple	safari	7.1.5
apple	safari	8.0.0
apple	safari	8.0.1
apple	safari	8.0.2
apple	safari	8.0.3
apple	safari	8.0.4
apple	safari	8.0.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB31BE7C-CB6D-447E-AFF8-618998950FC5",
              "versionEndIncluding": "8.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C417D4CD-EC8C-4572-A017-F571CD6A2F78",
              "versionEndIncluding": "12.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2354C83-9358-405A-9336-38D43BA143AC",
              "versionEndIncluding": "6.2.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391B4255-4434-4EB3-929B-3E593D9CD249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40B87D10-55B3-42E7-8FF6-93EDF003337D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49457917-495E-4D17-A0AB-D2A163D4721D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "223B13DA-9328-46C2-8426-3182D55E6669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD636DF3-E590-4603-9D18-CC2375A97750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0F8336F-D0F8-4337-9DF6-51B60F8A2E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79C2EF49-A9F0-4612-903A-A3A95805277E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E1934F2-5917-4C15-8869-82C557BF430D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "845A67F0-7BE6-482C-AE49-D8E9B272BA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5C7D83-EA9E-4E26-910D-8471252723EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE29EE2D-9EA8-4486-BC3F-B0CCF9C396F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FDB5E2A-F3BD-4500-922E-A191C45DE93C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E55F641-AC7F-41AD-BB6A-F69831DAD49E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154."
    },
    {
      "lang": "es",
      "value": "WebKit, utilizado en Apple Safari anterior a 6.2.6, 7.x anterior a 7.1.6, y 8.x anterior a 8.0.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a CVE-2015-1153 y CVE-2015-1154."
    }
  ],
  "id": "CVE-2015-1152",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-05-08T00:59:00.077",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT204941"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securityfocus.com/bid/74525"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securitytracker.com/id/1032270"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT204826"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT205221"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT204949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT204941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/74525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT204826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT205221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT204949"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2015-02940

Vulnerability from cnvd - Published: 2015-05-11

Title

Apple Safari WebKit内存破坏漏洞（CNVD-2015-02940）

Description

WebKit是开源的Web浏览器引擎，目前被Safari、Chrome等浏览器使用。 Apple Safari 6.2.6之前，7.1.6之前的7.x,8.0.6之前的8.x版本中使用WebKit存在内存破坏漏洞，允许远程攻击者执行任意代码或造成拒绝服务（内存损坏和应用程序崩溃）。

Severity

中

Patch Name

Apple Safari WebKit内存破坏漏洞（CNVD-2015-02940）的补丁

Patch Description

WebKit是开源的Web浏览器引擎，目前被Safari、Chrome等浏览器使用。Apple Safari 6.2.6之前，7.1.6之前的7.x,8.0.6之前的8.x版本中使用WebKit存在内存破坏漏洞，允许远程攻击者执行任意代码或造成拒绝服务（内存损坏和应用程序崩溃）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可联系供应商获得补丁信息： https://support.apple.com/zh-cn/HT204826

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1152

Impacted products

Name
['Apple Safari <6.2.6', 'Apple Safari 7.x(<7.1.6)', 'Apple Safari 8.x(<8.0.6)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-1152"
    }
  },
  "description": "WebKit\u662f\u5f00\u6e90\u7684Web\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u76ee\u524d\u88abSafari\u3001Chrome\u7b49\u6d4f\u89c8\u5668\u4f7f\u7528\u3002 \r\n\r\nApple Safari 6.2.6\u4e4b\u524d\uff0c7.1.6\u4e4b\u524d\u76847.x,8.0.6\u4e4b\u524d\u76848.x\u7248\u672c\u4e2d\u4f7f\u7528WebKit\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5185\u5b58\u635f\u574f\u548c\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff09\u3002",
  "discovererName": "Apple",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a \r\nhttps://support.apple.com/zh-cn/HT204826",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-02940",
  "openTime": "2015-05-11",
  "patchDescription": "WebKit\u662f\u5f00\u6e90\u7684Web\u6d4f\u89c8\u5668\u5f15\u64ce\uff0c\u76ee\u524d\u88abSafari\u3001Chrome\u7b49\u6d4f\u89c8\u5668\u4f7f\u7528\u3002Apple Safari 6.2.6\u4e4b\u524d\uff0c7.1.6\u4e4b\u524d\u76847.x,8.0.6\u4e4b\u524d\u76848.x\u7248\u672c\u4e2d\u4f7f\u7528WebKit\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5185\u5b58\u635f\u574f\u548c\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apple Safari WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08CNVD-2015-02940\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apple Safari \u003c6.2.6",
      "Apple Safari 7.x(\u003c7.1.6)",
      "Apple Safari 8.x(\u003c8.0.6)"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1152",
  "serverity": "\u4e2d",
  "submitTime": "2015-05-08",
  "title": "Apple Safari WebKit\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08CNVD-2015-02940\uff09"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-1152 (GCVE-0-2015-1152)

Contournement provisoire

Solution

Solution

Solution

Solution

Solution

Solution

Contournement provisoire

Tags

Sightings

Nomenclature