CVE-2015-3732
published 2015-08-16CVE-2015-3732: WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or…
PriorityP430medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.58%
81.9th percentile
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv | — | — |
| apple | ios | — | — |
| apple | iphone_os | < 8.4.1 | 8.4.1 |
| apple | safari | >= 6.0 < 6.2.8 | 6.2.8 |
| apple | safari | >= 7.0 < 7.1.8 | 7.1.8 |
| apple | safari | >= 8.0 < 8.0.8 | 8.0.8 |
| apple | safari_8.0.8_safari_7.1.8_and_safari | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
Apple
CVE-2015-3732: iOS 8.4.1
vendor_apple·CVSS 6.8
CVE-2015-3732 [MEDIUM] CVE-2015-3732: iOS 8.4.1
Apple Security Update: About the security content of iOS 8.4.1
Product: iOS
Version: 8.4.1
CVE: CVE-2015-3732
Component: CVE-ID
Apple
CVE-2015-3732: Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
vendor_apple·CVSS 6.8
CVE-2015-3732 [MEDIUM] CVE-2015-3732: Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
Apple Security Update: About the security content of Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
Product: Safari 8.0.8, Safari 7.1.8, and Safari
Version: 6.2.8
CVE: CVE-2015-3732
Component: CVE-ID
Apple
CVE-2015-3732: Apple TV 7.2.1
vendor_apple·CVSS 6.8
CVE-2015-3732 [MEDIUM] CVE-2015-3732: Apple TV 7.2.1
Apple Security Update: About the security content of Apple TV 7.2.1
Product: Apple TV
Version: 7.2.1
CVE: CVE-2015-3732
Component: CVE-ID
GHSA
GHSA-v52p-fjx8-fvmh: WebKit, as used in Apple iOS before 8
ghsa_unreviewed·2022-05-14
CVE-2015-3732 [MEDIUM] CWE-119 GHSA-v52p-fjx8-fvmh: WebKit, as used in Apple iOS before 8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
OSV
CVE-2015-3732: WebKit, as used in Apple iOS before 8
osv·2015-08-16·CVSS 6.8
CVE-2015-3732 [MEDIUM] CVE-2015-3732: WebKit, as used in Apple iOS before 8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://www.securityfocus.com/bid/76338http://www.securitytracker.com/id/1033274https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205033http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://www.securityfocus.com/bid/76338http://www.securitytracker.com/id/1033274https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205033
2015-08-16
Published