CVE-2015-1112
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
10/04/2015
Last modified:
30/11/2015
Description
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as used on iOS before 8.3 and other platforms, does not properly delete browsing-history data from the history.plist file, which allows attackers to obtain sensitive information by reading this file.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* | 8.2 (including) | |
| cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* | 6.2.4 (including) | |
| cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page