CVE-2015-1155

Related Files

Mac OS X Safari file:// Redirection Sandbox Escape

Posted Aug 31, 2024

Authored by joev | Site metasploit.com

Versions of Safari before 8.0.6, 7.1.6, and 6.2.6 are vulnerable to a "state management issue" that allows a browser window to be navigated to a file:// URL. By dropping and loading a malicious .webarchive file, an attacker can read arbitrary files, inject cross-domain Javascript, and silently install Safari extensions.

tags | exploit, arbitrary, javascript

advisories | CVE-2015-1155

SHA-256 | ec1e4e18a1e9d055c3ab49c1e568cfd98484e3ffe54d3a28caba066e8099b47f

Download | Favorite | View

Ubuntu Security Notice USN-2937-1

Posted Mar 22, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2937-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss

systems | linux, ubuntu

advisories | CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081, CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801, CVE-2015-5809, CVE-2015-5822, CVE-2015-5928

SHA-256 | 9e8b68079ff3270e979de901c8faf5bdecbde047aa6e873a355a2b80f1b1099e

Download | Favorite | View

Apple Security Advisory 2015-06-30-1

Posted Jul 1, 2015

Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-1 - iOS 8.4 is now available and addresses denial of service, an incorrect issued certificate, arbitrary code execution, and various other flaws.

tags | advisory, denial of service, arbitrary, code execution

systems | apple, ios

advisories | CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2015-1152, CVE-2015-1153, CVE-2015-1155, CVE-2015-1156, CVE-2015-1157, CVE-2015-3658, CVE-2015-3659, CVE-2015-3684, CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-3689, CVE-2015-3690, CVE-2015-3694, CVE-2015-3703, CVE-2015-3710, CVE-2015-3717, CVE-2015-3719, CVE-2015-3721, CVE-2015-3722, CVE-2015-3723, CVE-2015-3724

SHA-256 | aa64c9a10b61a44ca9cbe32378688da43c9948d31f37b09253079d2bdffc2fbf

Download | Favorite | View

Apple Security Advisory 2015-05-06-1

Posted May 7, 2015

Authored by Apple | Site apple.com

Apple Security Advisory 2015-05-06-1 - Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and address memory corruption, information compromise, and unauthorized access vulnerabilities.

tags | advisory, vulnerability

systems | apple

advisories | CVE-2015-1152, CVE-2015-1153, CVE-2015-1154, CVE-2015-1155, CVE-2015-1156

SHA-256 | e609569d25d389b25e5239f45be52c05969d8953e40e3f411986f8d182370607

Download | Favorite | View