Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 28 Dec 2015 19:33:36 +0100
From: Carlos Alberto Lopez Perez <clopez@...lia.com>
To: webkit-gtk@...ts.webkit.org
Cc: bugtraq@...urityfocus.com, oss-security@...ts.openwall.com
Subject: WebKitGTK+ Security Advisory WSA-2015-0002

------------------------------------------------------------------------
WebKitGTK+ Security Advisory                               WSA-2015-0002
------------------------------------------------------------------------

Date reported      : December 28, 2015
Advisory ID        : WSA-2015-0002
Advisory URL       : http://webkitgtk.org/security/WSA-2015-0002.html
CVE identifiers    : CVE-2013-6663, CVE-2014-1748, CVE-2014-3192,
                     CVE-2014-4409, CVE-2014-4410, CVE-2014-4411,
                     CVE-2014-4412, CVE-2014-4413, CVE-2014-4414,
                     CVE-2014-4452, CVE-2014-4459, CVE-2014-4465,
                     CVE-2014-4466, CVE-2014-4468, CVE-2014-4469,
                     CVE-2014-4470, CVE-2014-4471, CVE-2014-4472,
                     CVE-2014-4473, CVE-2014-4474, CVE-2014-4475,
                     CVE-2014-4476, CVE-2014-4477, CVE-2014-4479,
                     CVE-2015-1068, CVE-2015-1069, CVE-2015-1070,
                     CVE-2015-1071, CVE-2015-1072, CVE-2015-1073,
                     CVE-2015-1074, CVE-2015-1075, CVE-2015-1076,
                     CVE-2015-1077, CVE-2015-1080, CVE-2015-1081,
                     CVE-2015-1082, CVE-2015-1083, CVE-2015-1084,
                     CVE-2015-1119, CVE-2015-1120, CVE-2015-1121,
                     CVE-2015-1122, CVE-2015-1124, CVE-2015-1126,
                     CVE-2015-1127, CVE-2015-1152, CVE-2015-1153,
                     CVE-2015-1154, CVE-2015-1155, CVE-2015-1156,
                     CVE-2015-2330, CVE-2015-3658, CVE-2015-3659,
                     CVE-2015-3660, CVE-2015-3727, CVE-2015-3730,
                     CVE-2015-3731, CVE-2015-3732, CVE-2015-3733,
                     CVE-2015-3734, CVE-2015-3735, CVE-2015-3736,
                     CVE-2015-3737, CVE-2015-3738, CVE-2015-3739,
                     CVE-2015-3740, CVE-2015-3741, CVE-2015-3742,
                     CVE-2015-3743, CVE-2015-3744, CVE-2015-3745,
                     CVE-2015-3746, CVE-2015-3747, CVE-2015-3748,
                     CVE-2015-3749, CVE-2015-3750, CVE-2015-3751,
                     CVE-2015-3752, CVE-2015-3753, CVE-2015-3754,
                     CVE-2015-3755, CVE-2015-5788, CVE-2015-5789,
                     CVE-2015-5790, CVE-2015-5791, CVE-2015-5792,
                     CVE-2015-5793, CVE-2015-5794, CVE-2015-5795,
                     CVE-2015-5797, CVE-2015-5798, CVE-2015-5799,
                     CVE-2015-5800, CVE-2015-5801, CVE-2015-5802,
                     CVE-2015-5803, CVE-2015-5804, CVE-2015-5805,
                     CVE-2015-5806, CVE-2015-5807, CVE-2015-5809,
                     CVE-2015-5810, CVE-2015-5811, CVE-2015-5812,
                     CVE-2015-5813, CVE-2015-5814, CVE-2015-5815,
                     CVE-2015-5816, CVE-2015-5817, CVE-2015-5818,
                     CVE-2015-5819, CVE-2015-5822, CVE-2015-5823,
                     CVE-2015-5825, CVE-2015-5826, CVE-2015-5827,
                     CVE-2015-5828, CVE-2015-5928, CVE-2015-5929,
                     CVE-2015-5930, CVE-2015-5931, CVE-2015-7002,
                     CVE-2015-7012, CVE-2015-7013, CVE-2015-7014,
                     CVE-2015-7048, CVE-2015-7095, CVE-2015-7097,
                     CVE-2015-7099, CVE-2015-7100, CVE-2015-7102,
                     CVE-2015-7103, CVE-2015-7104.

Several vulnerabilities were discovered on WebKitGTK+.

CVE-2013-6663
    Versions affected: WebKitGTK+ before 2.4.0.
    Credit to Atte Kettunen of OUSPG.
    Use-after-free vulnerability in the SVGImage::setContainerSize
    function in core/svg/graphics/SVGImage.cpp in the SVG implementation
    in Blink, as used in Google Chrome before 33.0.1750.146, allows
    remote attackers to cause a denial of service or possibly have
    unspecified other impact via vectors related to the resizing of a
    view.

CVE-2014-1748
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Jordan Milne.
    The ScrollView::paint function in platform/scroll/ScrollView.cpp in
    Blink, as used in Google Chrome before 35.0.1916.114, allows remote
    attackers to spoof the UI by extending scrollbar painting into the
    parent frame.

CVE-2014-3192
    Versions affected: WebKitGTK+ before 2.6.3.
    Credit to cloudfuzzer.
    Use-after-free vulnerability in the
    ProcessingInstruction::setXSLStyleSheet function in
    core/dom/ProcessingInstruction.cpp in the DOM implementation in
    Blink, as used in Google Chrome before 38.0.2125.101, allows remote
    attackers to cause a denial of service or possibly have unspecified
    other impact via unknown vectors.

CVE-2014-4409
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Yosuke Hasegawa (NetAgent Co., Led.).
    WebKit in Apple iOS before 8 makes it easier for remote attackers to
    track users during private browsing via a crafted web site that
    reads HTML5 application-cache data that had been stored during
    normal browsing.

CVE-2014-4410
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Eric Seidel of Google.
    WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.

CVE-2014-4411
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Google Chrome Security Team.
    WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.

CVE-2014-4412
    Versions affected: WebKitGTK+ before 2.4.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.

CVE-2014-4413
    Versions affected: WebKitGTK+ before 2.4.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.

CVE-2014-4414
    Versions affected: WebKitGTK+ before 2.4.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.

CVE-2014-4452
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to unknown.
    WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption and application crash) via a crafted
    web site, a different vulnerability than CVE-2014-4462.

CVE-2014-4459
    Versions affected: WebKitGTK+ before 2.6.2.
    Credit to unknown.
    Use-after-free vulnerability in WebKit, as used in Apple OS X before
    10.10.1, allows remote attackers to execute arbitrary code via
    crafted page objects in an HTML document.

CVE-2014-4465
    Versions affected: WebKitGTK+ before 2.6.2.
    Credit to Rennie deGraaf of iSEC Partners.
    WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x
    before 8.0.1 allows remote attackers to bypass the Same Origin
    Policy via crafted Cascading Style Sheets (CSS) token sequences
    within an SVG file in the SRC attribute of an IMG element.

CVE-2014-4466
    Versions affected: WebKitGTK+ before 2.6.2.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4468
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4469
    Versions affected: WebKitGTK+ before 2.6.4.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4470
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4471
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4472
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4473
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4474
    Versions affected: WebKitGTK+ before 2.6.2.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4475
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and
    8.x before 8.0.1, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2014-12-2-1.

CVE-2014-4476
    Versions affected: WebKitGTK+ before 2.6.2.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.1.3; Apple Safari before
    6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before
    7.0.3, allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2014-4477 and
    CVE-2014-4479.

CVE-2014-4477
    Versions affected: WebKitGTK+ before 2.6.4.
    Credit to lokihardt@...T working with HP’s Zero Day Initiative.
    WebKit, as used in Apple iOS before 8.1.3; Apple Safari before
    6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before
    7.0.3, allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2014-4476 and
    CVE-2014-4479.

CVE-2014-4479
    Versions affected: WebKitGTK+ before 2.6.4.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.1.3; Apple Safari before
    6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before
    7.0.3, allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2014-4476 and
    CVE-2014-4477.

CVE-2015-1068
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1069
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1070
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1071
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1072
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to unknown.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1073
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1074
    Versions affected: WebKitGTK+ before 2.6.4.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1075
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Google Chrome Security Team.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1076
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to unknown.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1077
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1080
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1081
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1082
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1083
    Versions affected: WebKitGTK+ before 2.6.4.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and
    8.x before 8.0.4, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1084
    Versions affected: WebKitGTK+ before 2.6.1.
    Credit to Apple.
    The user interface in WebKit, as used in Apple Safari before 6.2.4,
    7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs
    consistently, which makes it easier for remote attackers to conduct
    phishing attacks via a crafted URL.

CVE-2015-1119
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Renata Hodovan of University of Szeged / Samsung
    Electronics.
    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and
    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption and application crash) via a crafted
    web site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-
    SA-2015-04-08-4.

CVE-2015-1120
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and
    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption and application crash) via a crafted
    web site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-
    SA-2015-04-08-4.

CVE-2015-1121
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and
    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption and application crash) via a crafted
    web site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-
    SA-2015-04-08-4.

CVE-2015-1122
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and
    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption and application crash) via a crafted
    web site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-
    SA-2015-04-08-4.

CVE-2015-1124
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and
    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,
    allows remote attackers to execute arbitrary code or cause a denial
    of service (memory corruption and application crash) via a crafted
    web site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-
    SA-2015-04-08-4.

CVE-2015-1126
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Jouko Pynnonen of Klikki Oy.
    WebKit, as used in Apple iOS before 8.3 and Apple Safari before
    6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly
    handle the userinfo field in FTP URLs, which allows remote attackers
    to trigger incorrect resource access via unspecified vectors.

CVE-2015-1127
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Tyler C (2.6.5).
    The private-browsing implementation in WebKit in Apple Safari before
    6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing
    history into an index, which might allow local users to obtain
    sensitive information by reading index entries.

CVE-2015-1152
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and
    8.x before 8.0.6, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than
    CVE-2015-1153 and CVE-2015-1154.

CVE-2015-1153
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple (2.6.5).
    WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and
    8.x before 8.0.6, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than
    CVE-2015-1152 and CVE-2015-1154.

CVE-2015-1154
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple (2.6.5).
    WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and
    8.x before 8.0.6, allows remote attackers to execute arbitrary code
    or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than
    CVE-2015-1152 and CVE-2015-1153.

CVE-2015-1155
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Joe Vennix of Rapid7 Inc. working with HP's Zero Day
    Initiative.
    The history implementation in WebKit, as used in Apple Safari before
    6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote
    attackers to bypass the Same Origin Policy and read arbitrary files
    via a crafted web site.

CVE-2015-1156
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Zachary Durber of Moodle.
    The page-loading implementation in WebKit, as used in Apple Safari
    before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not
    properly handle the rel attribute in an A element, which allows
    remote attackers to bypass the Same Origin Policy for a link's
    target, and spoof the user interface, via a crafted web site.

CVE-2015-2330
    Versions affected: WebKitGTK+ before 2.6.6.
    Credit to Ross Lagerwall.
    Late TLS certificate verification in WebKitGTK+ prior to 2.6.6
    allows remote attackers to view a secure HTTP request, including,
    for example, secure cookies.

CVE-2015-3658
    Versions affected: WebKitGTK+ before 2.8.1.
    Credit to Brad Hill of Facebook.
    The Page Loading functionality in WebKit in Apple Safari before
    6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS
    before 8.4 and other products, does not properly consider redirects
    during decisions about sending an Origin header, which makes it
    easier for remote attackers to bypass CSRF protection mechanisms via
    a crafted web site.

CVE-2015-3659
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Peter Rutenbar working with HP's Zero Day Initiative.
    The SQLite authorizer in the Storage functionality in WebKit in
    Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7,
    as used in Apple iOS before 8.4 and other products, does not
    properly restrict access to SQL functions, which allows remote
    attackers to execute arbitrary code or cause a denial of service
    (application crash) via a crafted web site.

CVE-2015-3660
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    Cross-site scripting (XSS) vulnerability in the PDF functionality in
    WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x
    before 8.0.7 allows remote attackers to inject arbitrary web script
    or HTML via a crafted URL in embedded PDF content.

CVE-2015-3727
    Versions affected: WebKitGTK+ before 2.8.1.
    Credit to Peter Rutenbar working with HP's Zero Day Initiative.
    WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x
    before 8.0.7, as used in Apple iOS before 8.4 and other products,
    does not properly restrict rename operations on WebSQL tables, which
    allows remote attackers to access an arbitrary web site's database
    via a crafted web site.

CVE-2015-3730
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3731
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3732
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3733
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3734
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3735
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3736
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3737
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3738
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3739
    Versions affected: WebKitGTK+ before 2.8.1.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3740
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3741
    Versions affected: WebKitGTK+ before 2.8.1.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3742
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3743
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3744
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3745
    Versions affected: WebKitGTK+ before 2.8.1.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3746
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3747
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3748
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3749
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,
    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to
    execute arbitrary code or cause a denial of service (memory
    corruption and application crash) via a crafted web site, a
    different vulnerability than other WebKit CVEs listed in APPLE-
    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

CVE-2015-3750
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Muneaki Nishimura (nishimunea).
    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
    before 8.0.8, as used in iOS before 8.4.1 and other products, does
    not enforce the HTTP Strict Transport Security (HSTS) protection
    mechanism for Content Security Policy (CSP) report requests, which
    allows man-in-the-middle attackers to obtain sensitive information
    by sniffing the network or spoof a report by modifying the client-
    server data stream.

CVE-2015-3751
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Muneaki Nishimura (nishimunea).
    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
    before 8.0.8, as used in iOS before 8.4.1 and other products, allows
    remote attackers to bypass a Content Security Policy protection
    mechanism by using a video control in conjunction with an IMG
    element within an OBJECT element.

CVE-2015-3752
    Versions affected: WebKitGTK+ before 2.8.4.
    Credit to Muneaki Nishimura (nishimunea).
    The Content Security Policy implementation in WebKit in Apple Safari
    before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS
    before 8.4.1 and other products, does not properly restrict cookie
    transmission for report requests, which allows remote attackers to
    obtain sensitive information via vectors involving (1) a cross-
    origin request or (2) a private-browsing request.

CVE-2015-3753
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Antonio Sanso and Damien Antipa of Adobe.
    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
    before 8.0.8, as used in iOS before 8.4.1 and other products, does
    not properly perform taint checking for CANVAS elements, which
    allows remote attackers to bypass the Same Origin Policy and obtain
    sensitive image data by leveraging a redirect to a data:image
    resource.

CVE-2015-3754
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Dongsung Kim (@...1ng).
    The private-browsing implementation in WebKit in Apple Safari before
    6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent
    caching of HTTP authentication credentials, which makes it easier
    for remote attackers to track users via a crafted web site.

CVE-2015-3755
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to xisigr of Tencent's Xuanwu Lab.
    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x
    before 8.0.8, as used in iOS before 8.4.1 and other products, allows
    remote attackers to spoof the user interface via a malformed URL.

CVE-2015-5788
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    The WebKit Canvas implementation in Apple iOS before 9 allows remote
    attackers to bypass the Same Origin Policy and obtain sensitive
    image information via vectors involving a CANVAS element.

CVE-2015-5789
    Versions affected: WebKitGTK+ before 2.6.1.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5790
    Versions affected: WebKitGTK+ before 2.6.2.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5791
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes
    before 12.3, allows remote attackers to execute arbitrary code or
    cause a denial of service (memory corruption and application crash)
    via a crafted web site, a different vulnerability than other WebKit
    CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5792
    Versions affected: WebKitGTK+ before 2.4.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5793
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes
    before 12.3, allows remote attackers to execute arbitrary code or
    cause a denial of service (memory corruption and application crash)
    via a crafted web site, a different vulnerability than other WebKit
    CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5794
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5795
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5797
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5798
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple iTunes before 12.3, allows man-in-the-
    middle attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via vectors
    related to iTunes Store browsing, a different vulnerability than
    other WebKit CVEs listed in APPLE-SA-2015-09-16-3.

CVE-2015-5799
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple (2.6.5).
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5800
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple (2.6.5).
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5801
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5802
    Versions affected: WebKitGTK+ before 2.6.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5803
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5804
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5805
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to unknown.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5806
    Versions affected: WebKitGTK+ before 2.8.3.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5807
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5809
    Versions affected: WebKitGTK+ before 2.8.4.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5810
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5811
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5812
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5813
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5814
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes
    before 12.3, allows remote attackers to execute arbitrary code or
    cause a denial of service (memory corruption and application crash)
    via a crafted web site, a different vulnerability than other WebKit
    CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5815
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iTunes before 12.3, allows man-in-the-
    middle attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via vectors
    related to iTunes Store browsing, a different vulnerability than
    other WebKit CVEs listed in APPLE-SA-2015-09-16-3.

CVE-2015-5816
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes
    before 12.3, allows remote attackers to execute arbitrary code or
    cause a denial of service (memory corruption and application crash)
    via a crafted web site, a different vulnerability than other WebKit
    CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5817
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5818
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5819
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site, a different vulnerability than other WebKit CVEs listed in
    APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5822
    Versions affected: WebKitGTK+ before 2.8.1.
    Credit to Mark S. Miller of Google.
    WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes
    before 12.3, allows remote attackers to execute arbitrary code or
    cause a denial of service (memory corruption and application crash)
    via a crafted web site, a different vulnerability than other WebKit
    CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5823
    Versions affected: WebKitGTK+ before 2.8.0.
    Credit to Apple.
    WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes
    before 12.3, allows remote attackers to execute arbitrary code or
    cause a denial of service (memory corruption and application crash)
    via a crafted web site, a different vulnerability than other WebKit
    CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

CVE-2015-5825
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Yossi Oren et al. of Columbia University's Network
    Security Lab.
    WebKit in Apple iOS before 9 does not properly restrict the
    availability of Performance API times, which allows remote attackers
    to obtain sensitive information about the browser history, mouse
    movement, or network traffic via crafted JavaScript code.

CVE-2015-5826
    Versions affected: WebKitGTK+ before 2.6.5.
    Credit to filedescriptior, Chris Evans.
    WebKit in Apple iOS before 9 does not properly select the cases in
    which a Cascading Style Sheets (CSS) document is required to have
    the text/css content type, which allows remote attackers to bypass
    the Same Origin Policy via a crafted web site.

CVE-2015-5827
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Gildas.
    WebKit in Apple iOS before 9 allows remote attackers to bypass the
    Same Origin Policy and obtain an object reference via vectors
    involving a (1) custom event, (2) message event, or (3) pop state
    event.

CVE-2015-5828
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Lorenzo Fontana.
    The API in the WebKit Plug-ins component in Apple Safari before 9
    does not provide notification of an HTTP Redirection (aka 3xx)
    status code to a plugin, which allows remote attackers to bypass
    intended request restrictions via a crafted web site.

CVE-2015-5928
    Versions affected: WebKitGTK+ before 2.8.4.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and
    iTunes before 12.3.1, allows remote attackers to execute arbitrary
    code or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3,
    and APPLE-SA-2015-10-21-5.

CVE-2015-5929
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and
    iTunes before 12.3.1, allows remote attackers to execute arbitrary
    code or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3,
    and APPLE-SA-2015-10-21-5.

CVE-2015-5930
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and
    iTunes before 12.3.1, allows remote attackers to execute arbitrary
    code or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3,
    and APPLE-SA-2015-10-21-5.

CVE-2015-5931
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to unknown.
    WebKit, as used in Apple Safari before 9.0.1 and iTunes before
    12.3.1, allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than other WebKit CVEs
    listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.

CVE-2015-7002
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and
    iTunes before 12.3.1, allows remote attackers to execute arbitrary
    code or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3,
    and APPLE-SA-2015-10-21-5.

CVE-2015-7012
    Versions affected: WebKitGTK+ before 2.8.4.
    Credit to Apple.
    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and
    iTunes before 12.3.1, allows remote attackers to execute arbitrary
    code or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3,
    and APPLE-SA-2015-10-21-5.

CVE-2015-7013
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit, as used in Apple Safari before 9.0.1 and iTunes before
    12.3.1, allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than other WebKit CVEs
    listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.

CVE-2015-7014
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to unknown.
    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and
    iTunes before 12.3.1, allows remote attackers to execute arbitrary
    code or cause a denial of service (memory corruption and application
    crash) via a crafted web site, a different vulnerability than other
    WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3,
    and APPLE-SA-2015-10-21-5.

CVE-2015-7048
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before
    9.1 allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2015-7095,
    CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099,
    CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.

CVE-2015-7095
    Versions affected: WebKitGTK+ before 2.10.2.
    Credit to Apple.
    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before
    9.1 allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2015-7048,
    CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099,
    CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.

CVE-2015-7097
    Versions affected: WebKitGTK+ before 2.10.3.
    Credit to Apple.
    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before
    9.1 allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2015-7048,
    CVE-2015-7095, CVE-2015-7096, CVE-2015-7098, CVE-2015-7099,
    CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.

CVE-2015-7099
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before
    9.1 allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2015-7048,
    CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098,
    CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.

CVE-2015-7100
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before
    9.1 allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2015-7048,
    CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098,
    CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.

CVE-2015-7102
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before
    9.1 allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2015-7048,
    CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098,
    CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7103.

CVE-2015-7103
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before
    9.1 allows remote attackers to execute arbitrary code or cause a
    denial of service (memory corruption and application crash) via a
    crafted web site, a different vulnerability than CVE-2015-7048,
    CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098,
    CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7102.

CVE-2015-7104
    Versions affected: WebKitGTK+ before 2.10.0.
    Credit to Apple.
    WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows
    remote attackers to execute arbitrary code or cause a denial of
    service (memory corruption and application crash) via a crafted web
    site.


We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.

Further information about WebKitGTK+ Security Advisories can be found
at: http://webkitgtk.org/security.html

The WebKitGTK+ team,
December 28, 2015


Download attachment "signature.asc" of type "application/pgp-signature" (884 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ