The history implementation in WebKit, as used in Apple Safari prior to 6.2.6, 7.x prior to 7.1.6, and 8.x prior to 8.0.6, allows remote malicious users to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
apple safari 7.0.3 |
||
apple safari |
||
apple safari 7.0 |
||
apple safari 7.1.0 |
||
apple safari 7.1.1 |
||
apple safari 8.0.2 |
||
apple safari 8.0.3 |
||
apple safari 7.0.4 |
||
apple safari 7.1.4 |
||
apple safari 7.1.5 |
||
apple safari 7.0.1 |
||
apple safari 7.0.2 |
||
apple safari 7.1.2 |
||
apple safari 7.1.3 |
||
apple safari 8.0.4 |
||
apple safari 8.0.5 |
||
apple safari 7.0.5 |
||
apple safari 7.0.6 |
||
apple safari 8.0.0 |
||
apple safari 8.0.1 |
Webkit history, page loading and everyday browsing holes plugged
Apple has update its Safari browser to quash three Webkit-derived bugs. One of the bugs, CVE-2015-1155 , meant “ Visiting a maliciously crafted website may compromise user information on the filesystem,” thanks to “A state management issue … that allowed unprivileged origins to access contents on the filesystem.” CVE-2015-1156 “Visiting a malicious website by clicking a link may lead to user interface spoofing.” An issue in “... the handling of the rel attribute in anchor element...