Vulnerability CVE-2015-3731: Information

Description

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

Severity: MEDIUM (6.8)

Published: Aug. 17, 2015
Modified: Feb. 8, 2019
Error type identifier: CWE-119

Fixed packages

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://support.apple.com/kb/HT205033
  • Vendor Advisory
https://support.apple.com/kb/HT205030
  • Vendor Advisory
APPLE-SA-2015-08-13-1
  • Mailing List
  • Vendor Advisory
APPLE-SA-2015-08-13-3
  • Mailing List
  • Vendor Advisory
https://support.apple.com/HT205221
  • Vendor Advisory
APPLE-SA-2015-09-16-3
  • Mailing List
  • Patch
  • Vendor Advisory
76338
  • Third Party Advisory
  • VDB Entry
openSUSE-SU-2016:0915
  • Mailing List
  • Third Party Advisory
USN-2937-1
  • Third Party Advisory
1033274
  • Third Party Advisory
  • VDB Entry
    1. Configuration 1

      cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
      End including
      12.2

      Configuration 2

      cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
      Start including
      6.0
      End excliding
      6.2.8

      cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
      Start including
      7.0
      End excliding
      7.1.8

      cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
      Start including
      8.0
      End excliding
      8.0.8

      Configuration 3

      cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

      Configuration 4

      cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
      End excliding
      8.4.1