CVE-2015-1076
published 2015-03-18CVE-2015-1076: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of…
PriorityP429medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
0.79%
74.3th percentile
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv | — | — |
| apple | ios | — | — |
| apple | iphone_os | <= 8.2 | — |
| apple | itunes | <= 12.1 | — |
| apple | itunes | — | — |
| apple | safari | <= 6.2.3 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari_8.0.4_safari_7.1.4_and_safari | — | — |
| apple | tvos | <= 7.1 | — |
| webkitgtk | webkitgtk | >= 0 < 2.4.10-0ubuntu0.14.04.1 | 2.4.10-0ubuntu0.14.04.1 |
| webkitgtk | webkitgtk | >= 0 < 2.4.10-0ubuntu1 | 2.4.10-0ubuntu1 |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
Ubuntu
WebKitGTK+ vulnerabilities
vendor_ubuntu·2016-03-21
CVE-2014-1748 WebKitGTK+ vulnerabilities
Title: WebKitGTK+ vulnerabilities
Summary: Several security issues were fixed in WebKitGTK+.
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
Instructions: This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany and Evolution, to make all the
necessary changes.
Apple
CVE-2015-1121: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1121 [MEDIUM] CVE-2015-1121: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1121
Component: CVE-2015-1076
Apple
CVE-2015-1082: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1082 [MEDIUM] CVE-2015-1082: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1082
Component: CVE-2015-1076
Apple
CVE-2015-1121: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1121 [MEDIUM] CVE-2015-1121: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1121
Component: CVE-2015-1076
Apple
CVE-2015-1078: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1078 [MEDIUM] CVE-2015-1078: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1078
Component: CVE-2015-1076
Apple
CVE-2015-1078: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1078 [MEDIUM] CVE-2015-1078: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1078
Component: CVE-2015-1076
Apple
CVE-2015-1080: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1080 [MEDIUM] CVE-2015-1080: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1080
Component: CVE-2015-1076
Apple
CVE-2015-1081: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1081 [MEDIUM] CVE-2015-1081: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1081
Component: CVE-2015-1076
Apple
CVE-2015-1077: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1077 [MEDIUM] CVE-2015-1077: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1077
Component: CVE-2015-1076
Apple
CVE-2015-1083: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1083 [MEDIUM] CVE-2015-1083: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1083
Component: CVE-2015-1076
Apple
CVE-2015-1077: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1077 [MEDIUM] CVE-2015-1077: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1077
Component: CVE-2015-1076
Apple
CVE-2015-1078: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1078 [MEDIUM] CVE-2015-1078: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1078
Component: CVE-2015-1076
Apple
CVE-2015-1120: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1120 [MEDIUM] CVE-2015-1120: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1120
Component: CVE-2015-1076
Apple
CVE-2015-1076: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1076 [MEDIUM] CVE-2015-1076: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1076
Component: CVE-2015-1076
Apple
CVE-2015-1082: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1082 [MEDIUM] CVE-2015-1082: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1082
Component: CVE-2015-1076
Apple
CVE-2015-1078: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1078 [MEDIUM] CVE-2015-1078: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1078
Component: CVE-2015-1076
Apple
CVE-2015-1121: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1121 [MEDIUM] CVE-2015-1121: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1121
Component: CVE-2015-1076
Apple
CVE-2015-1123: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1123 [MEDIUM] CVE-2015-1123: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1123
Component: CVE-2015-1076
Apple
CVE-2015-1081: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1081 [MEDIUM] CVE-2015-1081: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1081
Component: CVE-2015-1076
Apple
CVE-2015-1080: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1080 [MEDIUM] CVE-2015-1080: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1080
Component: CVE-2015-1076
Apple
CVE-2015-1079: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1079 [MEDIUM] CVE-2015-1079: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1079
Component: CVE-2015-1076
Apple
CVE-2015-1079: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1079 [MEDIUM] CVE-2015-1079: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1079
Component: CVE-2015-1076
Apple
CVE-2015-1077: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1077 [MEDIUM] CVE-2015-1077: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1077
Component: CVE-2015-1076
Apple
CVE-2015-1080: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1080 [MEDIUM] CVE-2015-1080: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1080
Component: CVE-2015-1076
Apple
CVE-2015-1079: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1079 [MEDIUM] CVE-2015-1079: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1079
Component: CVE-2015-1076
Apple
CVE-2015-1119: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1119 [MEDIUM] CVE-2015-1119: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1119
Component: CVE-2015-1076
Apple
CVE-2015-1079: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1079 [MEDIUM] CVE-2015-1079: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1079
Component: CVE-2015-1076
Apple
CVE-2015-1124: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1124
Component: CVE-2015-1076
Apple
CVE-2015-1076: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1076 [MEDIUM] CVE-2015-1076: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1076
Component: CVE-2015-1076
Apple
CVE-2015-1119: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1119 [MEDIUM] CVE-2015-1119: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1119
Component: CVE-2015-1076
Apple
CVE-2015-1122: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1122 [MEDIUM] CVE-2015-1122: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1122
Component: CVE-2015-1076
Apple
CVE-2015-1120: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1120 [MEDIUM] CVE-2015-1120: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1120
Component: CVE-2015-1076
Apple
CVE-2015-1081: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1081 [MEDIUM] CVE-2015-1081: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1081
Component: CVE-2015-1076
Apple
CVE-2015-1083: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1083 [MEDIUM] CVE-2015-1083: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1083
Component: CVE-2015-1076
Apple
CVE-2015-1124: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1124
Component: CVE-2015-1076
Apple
CVE-2015-1124: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1124
Component: CVE-2015-1076
Apple
CVE-2015-1076: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1076 [MEDIUM] CVE-2015-1076: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1076
Component: CVE-2015-1076
Apple
CVE-2015-1080: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1080 [MEDIUM] CVE-2015-1080: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1080
Component: CVE-2015-1076
Apple
CVE-2015-1083: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1083 [MEDIUM] CVE-2015-1083: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1083
Component: CVE-2015-1076
Apple
CVE-2015-1119: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1119 [MEDIUM] CVE-2015-1119: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1119
Component: CVE-2015-1076
Apple
CVE-2015-1120: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1120 [MEDIUM] CVE-2015-1120: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1120
Component: CVE-2015-1076
Apple
CVE-2015-1081: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1081 [MEDIUM] CVE-2015-1081: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1081
Component: CVE-2015-1076
Apple
CVE-2015-1076: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1076 [MEDIUM] CVE-2015-1076: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1076
Component: CVE-2015-1076
Apple
CVE-2015-1123: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1123 [MEDIUM] CVE-2015-1123: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1123
Component: CVE-2015-1076
Apple
CVE-2015-1122: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1122 [MEDIUM] CVE-2015-1122: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1122
Component: CVE-2015-1076
Apple
CVE-2015-1077: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1077 [MEDIUM] CVE-2015-1077: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1077
Component: CVE-2015-1076
Apple
CVE-2015-1083: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1083 [MEDIUM] CVE-2015-1083: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1083
Component: CVE-2015-1076
Apple
CVE-2015-1082: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 6.8
CVE-2015-1082 [MEDIUM] CVE-2015-1082: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1082
Component: CVE-2015-1076
Apple
CVE-2015-1122: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1122 [MEDIUM] CVE-2015-1122: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1122
Component: CVE-2015-1076
Apple
CVE-2015-1082: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1082 [MEDIUM] CVE-2015-1082: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1082
Component: CVE-2015-1076
GHSA
GHSA-fw3v-f6jw-qjjv: WebKit, as used in Apple Safari before 6
ghsa_unreviewed·2022-05-14
CVE-2015-1076 [MEDIUM] GHSA-fw3v-f6jw-qjjv: WebKit, as used in Apple Safari before 6
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
OSV
CVE-2015-1076: WebKit, as used in Apple Safari before 6
osv·2015-03-18·CVSS 6.8
CVE-2015-1076 [MEDIUM] CVE-2015-1076: WebKit, as used in Apple Safari before 6
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Apr/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://lists.apple.com/archives/security-announce/2015/Mar/msg00004.htmlhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00132.htmlhttp://www.securitytracker.com/id/1031936http://www.ubuntu.com/usn/USN-2937-1https://support.apple.com/HT204560https://support.apple.com/HT204661https://support.apple.com/HT204662https://support.apple.com/kb/HT204949http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Apr/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://lists.apple.com/archives/security-announce/2015/Mar/msg00004.htmlhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00132.htmlhttp://www.securitytracker.com/id/1031936http://www.ubuntu.com/usn/USN-2937-1https://support.apple.com/HT204560https://support.apple.com/HT204661https://support.apple.com/HT204662https://support.apple.com/kb/HT204949
2015-03-18
Published