Showing 1 - 3 of 3

CVE-2015-3658

Status Candidate

Overview

The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.

Related Files

Ubuntu Security Notice USN-2937-1: Posted Mar 22, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2937-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.; tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss; systems | linux, ubuntu; advisories | CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081, CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801, CVE-2015-5809, CVE-2015-5822, CVE-2015-5928; SHA-256 | 9e8b68079ff3270e979de901c8faf5bdecbde047aa6e873a355a2b80f1b1099e; Download | Favorite | View

Apple Security Advisory 2015-06-30-4: Posted Jul 1, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-06-30-4 - Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and address account takeover, WebSQL database access, and various other issues.; tags | advisory; systems | apple; advisories | CVE-2015-3658, CVE-2015-3659, CVE-2015-3660, CVE-2015-3727; SHA-256 | 65a4e7e1055cabeaafab321c18f2600435a9a6b41433f5acd7cbbed23fa24c05; Download | Favorite | View

Apple Security Advisory 2015-06-30-1: Posted Jul 1, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-06-30-1 - iOS 8.4 is now available and addresses denial of service, an incorrect issued certificate, arbitrary code execution, and various other flaws.; tags | advisory, denial of service, arbitrary, code execution; systems | apple, ios; advisories | CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2015-1152, CVE-2015-1153, CVE-2015-1155, CVE-2015-1156, CVE-2015-1157, CVE-2015-3658, CVE-2015-3659, CVE-2015-3684, CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-3689, CVE-2015-3690, CVE-2015-3694, CVE-2015-3703, CVE-2015-3710, CVE-2015-3717, CVE-2015-3719, CVE-2015-3721, CVE-2015-3722, CVE-2015-3723, CVE-2015-3724; SHA-256 | aa64c9a10b61a44ca9cbe32378688da43c9948d31f37b09253079d2bdffc2fbf; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 52 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,960)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,989)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2015-3658

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems