5
CVSSv2

CVE-2015-1128

Published: 10/04/2015 Updated: 11/09/2015
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The private-browsing implementation in Apple Safari prior to 6.2.5, 7.x prior to 7.1.5, and 8.x prior to 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests.

Affected Products

Vendor Product Versions
AppleSafari6.2.4, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4

Vendor Advisories

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available To learn more about Apple Product Security, see the Apple Product Security website For information about the Apple Product Security PGP Key, see How to use ...