Vulnerability CVE-2015-1081: Information

Description

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

Severity: MEDIUM (6.8)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-1081

Published: March 19, 2015

Modified: March 8, 2019

Error type identifier: CWE-399

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
libwebkitgtk2	p10	2.4.11-alt1	2.4.11-alt13	ALT-PU-2016-1315-1	162826	Fixed
libwebkitgtk2	p9	2.4.11-alt1	2.4.11-alt10	ALT-PU-2016-1315-1	162826	Fixed
libwebkitgtk2	c10f1	2.4.11-alt1	2.4.11-alt13	ALT-PU-2016-1315-1	162826	Fixed
libwebkitgtk2	c9f2	2.4.11-alt1	2.4.11-alt10	ALT-PU-2016-1315-1	162826	Fixed
libwebkitgtk3	p10	2.4.10-alt1	2.4.11-alt12	ALT-PU-2016-1245-1	161352	Fixed
libwebkitgtk3	p9	2.4.10-alt1	2.4.11-alt9.1.p9	ALT-PU-2016-1245-1	161352	Fixed
libwebkitgtk3	c10f1	2.4.10-alt1	2.4.11-alt12	ALT-PU-2016-1245-1	161352	Fixed
libwebkitgtk3	c9f2	2.4.10-alt1	2.4.11-alt9.1.p9	ALT-PU-2016-1245-1	161352	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
APPLE-SA-2015-03-17-1	Vendor Advisory
https://support.apple.com/HT204560	Vendor Advisory
1031936
https://support.apple.com/HT204662	Vendor Advisory
APPLE-SA-2015-04-08-3	Vendor Advisory
APPLE-SA-2015-04-08-4	Vendor Advisory
https://support.apple.com/HT204661	Vendor Advisory
APPLE-SA-2015-06-30-6	Patch Vendor Advisory
https://support.apple.com/kb/HT204949	Vendor Advisory
openSUSE-SU-2016:0915
USN-2937-1

Affected configurations:
1. Configuration 1
  cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
  End including
  7.1
  
  Configuration 2
  cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
  End including
  8.2
  
  Configuration 3
  cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
  End including
  6.2.3
  cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*
  cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
  End including
  12.1

Version: v24.5.0

Vulnerability CVE-2015-1081: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4