CVE-2015-1121

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.

Published: Apr 10, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-1121
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
apple / tvos	-	7.1.x
apple / iphone_os	-	8.2.x
apple / itunes	-	12.1.x
apple / safari	7.0.1	7.0.1.x
apple / safari	8.0.2	8.0.2.x
apple / safari	8.0.1	8.0.1.x
apple / safari	7.0.3	7.0.3.x
apple / safari	7.0.4	7.0.4.x
apple / safari	7.1.0	7.1.0.x
apple / safari	-	6.2.4.x
apple / safari	8.0.0	8.0.0.x
apple / safari	7.0.5	7.0.5.x
apple / safari	7.0.6	7.0.6.x
apple / safari	7.1.3	7.1.3.x
apple / safari	7.1.1	7.1.1.x
apple / safari	7.0	7.0.x
apple / safari	7.1.4	7.1.4.x
apple / safari	8.0.3	8.0.3.x
apple / safari	8.0.4	8.0.4.x
apple / safari	7.1.2	7.1.2.x
apple / safari	7.0.2	7.0.2.x

Vulnerability Database

290,206

CVE-2015-1121