Apple Safari information leakage (CVE-2015-1155)
Apple Safari information leakage (CVE-2015-1155)
Release date:
Updated on:
Affected Systems:
Apple Safari <8.0.6
Apple Safari <7.1.6
Apple Safari <6.2.6
Description:
Bugtraq id: 74527
CVE (CAN) ID: CVE-2015-1155
Safari is the browser in Mac OS X, the latest operating system of Apple Computer. It uses KDE's KHTML as the core of browser computing.
A security vulnerability exists in the history Implementation of WebKit. Remote attackers can exploit this vulnerability to bypass the same-origin policy and read arbitrary files by constructing a website.
<* Source: Joe Vennix
*>
Suggestion:
Vendor patch:
Apple
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://lists.apple.com/archives/security-announce/2015/May/msg00000.html
Https://support.apple.com/HT204826
Safari details: click here
Safari: click here
This article permanently updates the link address: