CVE-2015-1122Out-of-bounds Write in Apple Iphone OS

9 documents6 sources
Severity
6.8MEDIUMNVD
EPSS
0.8%
top 25.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
WebkitgtkApple Iphone OSApple Itunes+5 more
Timeline
PublishedApr 10
Latest updateMay 14

Description

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages9 packages

NVDapple/safari6.2.4+17
NVDapple/tvos7.1
NVDapple/itunes12.1

Patches

Patch: lists.apple.comPatch: lists.apple.com

🔴Vulnerability Details

2
GHSA
GHSA-hr9j-hgxx-5r88: WebKit, as used in Apple iOS before 82022-05-14
OSV
CVE-2015-1122: WebKit, as used in Apple iOS before 82015-04-10

📋Vendor Advisories

5
Ubuntu
WebKitGTK+ vulnerabilities2016-03-21
Apple
CVE-2015-1122: iTunes 12.2
Apple
CVE-2015-1122: Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
Apple
CVE-2015-1122: Apple TV 7.2
Apple
CVE-2015-1122: iOS 8.3

💬Community

1
Bugzilla
CVE-2015-5186 Audit: log terminal emulator escape sequences handling2015-08-07
CVE-2015-1122 — Out-of-bounds Write in Apple Iphone OS | cvebase