← back
CVE-2015-1155

CVE-2015-1155

23Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 11%
from disclosure to weapon0 days
Published on NVDMay 8
metasploitJan 16
exploitation probability
11%top 5% of all CVEs
observed exploitation
nono source reports it
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
Affected products
n/a · n/a