CVE-2015-1127

Apple Safari <6.2.5-8.0.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT204658
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032047
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2937-1

Scores

EPSS 0.0036
EPSS Percentile 27.8%

Details

CWE
CWE-200
Status published
Products (18)
apple/safari 7.0
apple/safari 7.0.1
apple/safari 7.0.2
apple/safari 7.0.3
apple/safari 7.0.4
apple/safari 7.0.5
apple/safari 7.0.6
apple/safari 7.1.0
apple/safari 7.1.1
apple/safari 7.1.2
... and 8 more
Published Apr 10, 2015
Tracked Since Feb 18, 2026