CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1129
https://notcve.org/view.php?id=CVE-2015-1129
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site. Apple Safari anterior a 6.2.5, 7.x anterior a 7.1.5, y 8.x anterior a 8.0.5 no selecciona correctamente los certificados de clientes X.509, lo que facilita a atacantes remotos seguir usuarios a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://www.securitytracker.com/id/1032047 https://support.apple.com/HT204658 https://support.apple.com/HT205212 • CWE-310: Cryptographic Issues •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1077
https://notcve.org/view.php?id=CVE-2015-1077
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://www.securitytracker.com/id/1031936 https://support.apple.com/HT204560 https://support.apple.com/HT204661 https://support.apple.com/HT204662 https://support.apple.com/kb/HT204949 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 1%CPEs: 19EXPL: 0CVE-2015-1076
https://notcve.org/view.php?id=CVE-2015-1076
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securitytracker.com/id/1031936 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204560 https://support • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1079
https://notcve.org/view.php?id=CVE-2015-1079
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://www.securitytracker.com/id/1031936 https://support.apple.com/HT204560 https://support.apple.com/HT204661 https://support.apple.com/HT204662 https://support.apple.com/kb/HT204949 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 1%CPEs: 19EXPL: 0CVE-2015-1081
https://notcve.org/view.php?id=CVE-2015-1081
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securitytracker.com/id/1031936 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204560 https://support • CWE-399: Resource Management Errors •