CVE-2015-3727

Published Jul 3, 2015

Last updated 8 years ago

Overview

Description: WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.
Source: product-security@apple.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3CBE396-522D-42D2-90D8-EC816E582642",
            "versionEndIncluding": "6.2.6"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88D46FE5-10D2-44A0-ACAE-CEED8BD0C30C"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "391B4255-4434-4EB3-929B-3E593D9CD249"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40B87D10-55B3-42E7-8FF6-93EDF003337D"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D4EBCD8-9DD5-468E-8B5B-49E38FEBCEC2"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B8C7AEC-F54A-4843-A0EA-C7DD847BEF5B"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49457917-495E-4D17-A0AB-D2A163D4721D"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CCADCE6-92F3-4A30-AA29-4E3394C1A3CF"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E74D3F4B-111E-4F51-ACB4-6725C4BF8DB6"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "223B13DA-9328-46C2-8426-3182D55E6669"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD636DF3-E590-4603-9D18-CC2375A97750"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0F8336F-D0F8-4337-9DF6-51B60F8A2E9B"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79C2EF49-A9F0-4612-903A-A3A95805277E"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E1934F2-5917-4C15-8869-82C557BF430D"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:7.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3567D600-C756-4FB5-B4B1-9B014A990A7B"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3587E5B7-4B66-4DB4-86A3-6E37034747C2"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB1C61F7-BAF4-4061-8B1A-D7F8D597F2D5"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A5C7D83-EA9E-4E26-910D-8471252723EF"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE29EE2D-9EA8-4486-BC3F-B0CCF9C396F6"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FDB5E2A-F3BD-4500-922E-A191C45DE93C"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E55F641-AC7F-41AD-BB6A-F69831DAD49E"
          },
          {
            "criteria": "cpe:2.3:a:apple:safari:8.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C46A6C6-292D-4F67-9DF4-DFA01DCEA387"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB31BE7C-CB6D-447E-AFF8-618998950FC5",
            "versionEndIncluding": "8.3"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68566BD8-D5DD-4747-9C9A-59154400EBFA",
            "versionEndIncluding": "10.10.3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References