PT-2015-7078 · Apple+2 · Webkit+5

Publicado

2015-10-23

·

Atualizado

2024-06-15

·

CVE-2015-5928

CVSS v2.0

6.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions WebKit, as used in Apple iOS versions prior to 9.1 WebKit, as used in Safari versions prior to 9.0.1 WebKit, as used in iTunes versions prior to 12.3.1
Description The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site.
Recommendations For Apple iOS versions prior to 9.1, update to version 9.1 or later. For Safari versions prior to 9.0.1, update to version 9.0.1 or later. For iTunes versions prior to 12.3.1, update to version 12.3.1 or later.

Exploit

Correção

RCE

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2016-1245
ALT-PU-2016-1315
CVE-2015-5928
MGASA-2016-0116
MGASA-2016-0120
OPENSUSE-SU-2024:10461-1
USN-2937-1

Produtos afetados

Alt Linux
Safari
Ubuntu
Webkit
Ios
Itunes