VDB
CVE-2015-1155
CVE-2015-1155
PUBLISHED
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
EPSS 67.87% · 98.6th percentile
Risk Scores
EPSS Score
67.87%
98.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | qtwebkit-opensource-src | 5.4.2+dfsg-1ubuntu2.1, 5.5.1+dfsg-2ubuntu1, 0 |
| Ubuntu:14.04:LTS | webkitgtk | 0, 2.2.1-2ubuntu2, 2.3.2-1ubuntu2 |
| Ubuntu:16.04:LTS | webkitgtk | 2.4.9-2ubuntu2, 0 |
| Ubuntu:16.04:LTS | qtwebkit-source | 0, 2.3.2-0ubuntu10, 2.3.2-0ubuntu11 |
Timeline
- May 7, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2015-1155 third-party-advisory
- https://support.apple.com/HT204826 third-party-advisory
- http://lists.apple.com/archives/security-announce/2015/May/msg00000.html third-party-advisory
- https://ubuntu.com/security/notices/USN-2937-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2015-1155 third-party-advisory