VDB
CVE-2015-5825
CVE-2015-5825
PUBLISHED
WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code.
EPSS 0.60% · 69.9th percentile
Risk Scores
EPSS Score
0.60%
69.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | qtwebkit-opensource-src | 5.5.1+dfsg-2ubuntu1, *, 0 |
| Ubuntu:16.04:LTS | qtwebkit-source | 0, 2.3.2-0ubuntu10, 2.3.2-0ubuntu11 |
| Ubuntu:16.04:LTS | webkitgtk | 2.4.11-0ubuntu0.1, 0, 2.4.9-2ubuntu2 |
Exploit Intelligence
- CVE-2015-1157 telnet server (github-poc)
- CVE-2015-1157 telnet server (github-poc)
- CVE-2015-1157 telnet server (github-poc)
- CVE-2015-1157 telnet server (github-poc)
- CVE-2015-1157 telnet server (github-poc)
- 76766 (circl)
- APPLE-SA-2015-09-16-3 (circl)
- APPLE-SA-2015-09-30-2 (circl)
- APPLE-SA-2015-09-16-1 (circl)
- https://support.apple.com/HT205265 (circl)
…and 4 more exploits
Timeline
- Sep 18, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2015-5825 third-party-advisory
- https://support.apple.com/HT205212 third-party-advisory
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2015-5825 third-party-advisory