CVE-2015-1124
published 2015-04-10CVE-2015-1124: WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to…
PriorityP429medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
0.91%
76.3th percentile
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv | — | — |
| apple | ios | — | — |
| apple | iphone_os | <= 8.2 | — |
| apple | itunes | <= 12.1 | — |
| apple | itunes | — | — |
| apple | safari | <= 6.2.4 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari_8.0.5_safari_7.1.5_and_safari | — | — |
| apple | tvos | <= 7.1 | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
GHSA
GHSA-q478-v88v-f9f8: WebKit, as used in Apple iOS before 8
ghsa_unreviewed·2022-05-14
CVE-2015-1124 [MEDIUM] GHSA-q478-v88v-f9f8: WebKit, as used in Apple iOS before 8
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
OSV
CVE-2015-1124: WebKit, as used in Apple iOS before 8
osv·2015-04-10·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: WebKit, as used in Apple iOS before 8
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
Apple
CVE-2015-1124: Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
vendor_apple·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
Apple Security Update: About the security content of Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
Product: Safari 8.0.5, Safari 7.1.5, and Safari
Version: 6.2.5
CVE: CVE-2015-1124
Component: CVE-ID
Apple
CVE-2015-1124: iOS 8.3
vendor_apple·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1124
Component: CVE-2015-1076
Apple
CVE-2015-1124: Apple TV 7.2
vendor_apple·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: Apple TV 7.2
Apple Security Update: About the security content of Apple TV 7.2
Product: Apple TV
Version: 7.2
CVE: CVE-2015-1124
Component: CVE-2015-1076
Apple
CVE-2015-1124: iTunes 12.2
vendor_apple·CVSS 6.8
CVE-2015-1124 [MEDIUM] CVE-2015-1124: iTunes 12.2
Apple Security Update: About the security content of iTunes 12.2
Product: iTunes
Version: 12.2
CVE: CVE-2015-1124
Component: CVE-2015-1076
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Apr/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Apr/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://www.securityfocus.com/bid/73972http://www.securitytracker.com/id/1032047https://support.apple.com/HT204658https://support.apple.com/HT204661https://support.apple.com/HT204662https://support.apple.com/kb/HT204949http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Apr/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Apr/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00006.htmlhttp://www.securityfocus.com/bid/73972http://www.securitytracker.com/id/1032047https://support.apple.com/HT204658https://support.apple.com/HT204661https://support.apple.com/HT204662https://support.apple.com/kb/HT204949
2015-04-10
Published