fkie_nvd - fkie_cve-2015-1153

fkie_cve-2015-1153

Vulnerability from fkie_nvd

Published

2015-05-08 00:59

Modified

2025-04-12 10:46

Severity ?

Summary

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154.

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html	Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html	Patch, Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/May/msg00000.html	Vendor Advisory
product-security@apple.com	http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html	Patch, Vendor Advisory
product-security@apple.com	http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
product-security@apple.com	http://support.apple.com/kb/HT204941	Vendor Advisory
product-security@apple.com	http://www.securityfocus.com/bid/74523
product-security@apple.com	http://www.securitytracker.com/id/1032270
product-security@apple.com	http://www.ubuntu.com/usn/USN-2937-1
product-security@apple.com	https://support.apple.com/HT204826	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT205221	Vendor Advisory
product-security@apple.com	https://support.apple.com/kb/HT204949	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/May/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT204941	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/74523
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032270
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2937-1
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT204826	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT205221	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT204949	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	itunes	*
apple	safari	*
apple	safari	7.0
apple	safari	7.0.1
apple	safari	7.0.2
apple	safari	7.0.3
apple	safari	7.0.4
apple	safari	7.0.5
apple	safari	7.0.6
apple	safari	7.1.0
apple	safari	7.1.1
apple	safari	7.1.2
apple	safari	7.1.3
apple	safari	7.1.4
apple	safari	7.1.5
apple	safari	8.0.0
apple	safari	8.0.1
apple	safari	8.0.2
apple	safari	8.0.3
apple	safari	8.0.4
apple	safari	8.0.5
apple	iphone_os	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C417D4CD-EC8C-4572-A017-F571CD6A2F78",
              "versionEndIncluding": "12.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2354C83-9358-405A-9336-38D43BA143AC",
              "versionEndIncluding": "6.2.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "391B4255-4434-4EB3-929B-3E593D9CD249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40B87D10-55B3-42E7-8FF6-93EDF003337D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49457917-495E-4D17-A0AB-D2A163D4721D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "223B13DA-9328-46C2-8426-3182D55E6669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD636DF3-E590-4603-9D18-CC2375A97750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0F8336F-D0F8-4337-9DF6-51B60F8A2E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79C2EF49-A9F0-4612-903A-A3A95805277E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E1934F2-5917-4C15-8869-82C557BF430D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "845A67F0-7BE6-482C-AE49-D8E9B272BA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5C7D83-EA9E-4E26-910D-8471252723EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE29EE2D-9EA8-4486-BC3F-B0CCF9C396F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FDB5E2A-F3BD-4500-922E-A191C45DE93C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E55F641-AC7F-41AD-BB6A-F69831DAD49E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB31BE7C-CB6D-447E-AFF8-618998950FC5",
              "versionEndIncluding": "8.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154."
    },
    {
      "lang": "es",
      "value": "WebKit, utilizado en Apple Safari anterior a 6.2.6, 7.x anterior a 7.1.6, y 8.x anterior a 8.0.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a CVE-2015-1152 y CVE-2015-1154."
    }
  ],
  "id": "CVE-2015-1153",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-05-08T00:59:01.577",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT204941"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securityfocus.com/bid/74523"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.securitytracker.com/id/1032270"
    },
    {
      "source": "product-security@apple.com",
      "url": "http://www.ubuntu.com/usn/USN-2937-1"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT204826"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT205221"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT204949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/May/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT204941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/74523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2937-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT204826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT205221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT204949"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2015-1153 (GCVE-0-2015-1153)

Vulnerability from cvelistv5

Published

2015-05-08 00:00