4.3
CVSSv2

CVE-2015-1129

Published: 10/04/2015 Updated: 29/09/2015
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Apple Safari prior to 6.2.5, 7.x prior to 7.1.5, and 8.x prior to 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site.

Affected Products

Vendor Product Versions
AppleSafari6.2.4, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4
AppleIphone Os8.4.1

Vendor Advisories

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available To learn more about Apple Product Security, see the Apple Product Security website For information about the Apple Product Security PGP Key, see How to use ...