CVE-2015-7014
published 2015-10-23CVE-2015-7014: WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | <= 9.0.2 | — |
| apple | itunes | <= 12.3.0 | — |
| apple | itunes | — | — |
| apple | safari | <= 9.0 | — |
| apple | safari | — | — |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
GHSA
GHSA-w8v6-4g87-w2vv: WebKit, as used in Apple iOS before 9
ghsa_unreviewed·2022-05-17
CVE-2015-7014 [MEDIUM] CWE-119 GHSA-w8v6-4g87-w2vv: WebKit, as used in Apple iOS before 9
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
OSV
CVE-2015-7014: WebKit, as used in Apple iOS before 9
osv·2015-10-23·CVSS 6.8
CVE-2015-7014 [MEDIUM] CVE-2015-7014: WebKit, as used in Apple iOS before 9
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
Apple
CVE-2015-7104: iOS 9.1
vendor_apple·CVSS 6.8
CVE-2015-7104 [MEDIUM] CVE-2015-7104: iOS 9.1
Apple Security Update: About the security content of iOS 9.1
Product: iOS
Version: 9.1
CVE: CVE-2015-7104
Component: CVE-2015-7014
Apple
CVE-2015-7014: Safari 9.0.1
vendor_apple·CVSS 6.8
CVE-2015-7014 [MEDIUM] CVE-2015-7014: Safari 9.0.1
Apple Security Update: About the security content of Safari 9.0.1
Product: Safari
Version: 9.0.1
CVE: CVE-2015-7014
Component: CVE-2015-7014
Apple
CVE-2015-7014: iOS 9.1
vendor_apple·CVSS 6.8
CVE-2015-7014 [MEDIUM] CVE-2015-7014: iOS 9.1
Apple Security Update: About the security content of iOS 9.1
Product: iOS
Version: 9.1
CVE: CVE-2015-7014
Component: CVE-2015-7014
Apple
CVE-2015-7014: iTunes 12.3.1
vendor_apple·CVSS 6.8
CVE-2015-7014 [MEDIUM] CVE-2015-7014: iTunes 12.3.1
Apple Security Update: About the security content of iTunes 12.3.1
Product: iTunes
Version: 12.3.1
CVE: CVE-2015-7014
Component: CVE-2015-7014
Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Oct/msg00004.htmlhttp://lists.apple.com/archives/security-announce/2015/Oct/msg00006.htmlhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00054.htmlhttp://www.securityfocus.com/bid/77267http://www.securitytracker.com/id/1033929https://support.apple.com/HT205370https://support.apple.com/HT205372https://support.apple.com/HT205377http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Oct/msg00004.htmlhttp://lists.apple.com/archives/security-announce/2015/Oct/msg00006.htmlhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00054.htmlhttp://www.securityfocus.com/bid/77267http://www.securitytracker.com/id/1033929https://support.apple.com/HT205370https://support.apple.com/HT205372https://support.apple.com/HT205377
2015-10-23
Published