Details of VAR-201507-0424

ID

VAR-201507-0424

CVE

CVE-2015-3660

TITLE

Apple Safari Used in etc. WebKit of PDF Cross-site scripting vulnerability in functionality

Trust: 0.8

sources: JVNDB: JVNDB-2015-003392

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content. Apple Safari Used in etc. Successful exploits may allow the attacker to gain access to sensitive information. Information obtained may lead to further attacks. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. The following versions are affected: Apple Safari prior to 6.2.7, 7.x prior to 7.1.7, and 8.x prior to 8.0.7. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and address the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3 Impact: A maliciously crafted website can access the WebSQL databases of other websites Description: An issue existed in the authorization checks for renaming WebSQL tables. This could have allowed a maliciously crafted website to access databases belonging to other websites. The issue was addressed with improved authorization checks. CVE-ID CVE-2015-3727 : Peter Rutenbar working with HP's Zero Day Initiative WebKit Page Loading Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3 Impact: Visiting a maliciously crafted website may lead to account account takeover Description: An issue existed where Safari would preserve the Origin request header for cross-origin redirects, allowing malicious websites to circumvent CSRF protections. This issue was addressed through improved handling of redirects. CVE-ID CVE-2015-3658 : Brad Hill of Facebook WebKit PDF Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3 Impact: Clicking a maliciously crafted link in a PDF embedded in a webpage may lead to cookie theft or user information leakage Description: An issue existed with PDF-embedded links which could execute JavaScript in a hosting webpage's context. This issue was addressed by restricting the support for JavaScript links. CVE-ID CVE-2015-3660 : Apple WebKit Storage Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3 Impact: Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution Description: An insufficient comparison issue existed in SQLite authorizer which allowed invocation of arbitrary SQL functions. This issue was addressed with improved authorization checks. CVE-ID CVE-2015-3659 : Peter Rutenbar working with HP's Zero Day Initiative Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVke9DAAoJEBcWfLTuOo7tE7oP/0PWt+3zpRGevnWaTR1cdCSR ixlIqZ+OrwfGluIpnQIrMx8Lw2F954/Afcv68QW5pDwU02UYIiHXFiryFG2YYu6k +n1mnqY/5n3uo3+V18Tfi7q8WFoEfi607PbXUt/Q3FCu+NuQBl3nrVWo53f+a44v Pb08QVMyj+g0KWNoMudA7T/G9yXsnZFm6rBKkl1D+2Cwyx/DB2i4guHleJNawM/m 8vCgIc4FReFOz03EqW3Vzqp3qWd4AovRLX8iG+62mUU8AgAVVurJdhxPNjqzmoAi Zg1MDM2un4Op6QvLpJzG9zwW5/s+H8GVLPIYnK+uASu5UR0EU3yqb0UOCHbyG6iI DFaRDyHXaNBWglFxRdl/Lvbz/ZQyAdc3MJMaHOSHchvu7CX3x2szTKkPr1nd/7bS RB5JWTBKjz9G0zOp4d44u49oW4/43yV/kcjs7isBKyzPpO67dzukMDjjeKlkYAVE gOoYtQMcorh2PrMEAW7MN2jB9R0f7gEOr2txRLgy0NakI/W+WVK8wysbDNvsjEE4 9UynLpQHqmlEL68ZyXGPrbn7Q4dO3qdL3fYsCp/57o7wDkIfASBehTet4Va3yobr ZikiQkMU9QnYYWiN0whHzgtq+ONFg8B3hroD9XgfpG8kldjXyI6cOj6QY9e276m4 U31+XzCwLCTXylgolNOw =9Wfv -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2015-3660 // JVNDB: JVNDB-2015-003392 // BID: 75494 // VULHUB: VHN-81621 // VULMON: CVE-2015-3660 // PACKETSTORM: 132520

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	eq	version:	8.0.4	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	7.1.4	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	8.0.3	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	7.1.6	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	7.1.5	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	8.0.6	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	8.0.2	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	7.1.3	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	7.1.1	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	8.0.5	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	7.0.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0.4	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0.6	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.1.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0.5	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.1.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	8.0.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	lte	version:	6.2.6	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	7.0.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	8.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	lt	version:	6.2.7 (os x mavericks v10.9.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	6.2.7 (os x mountain lion v10.8.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	6.2.7 (os x yosemite v10.10.3)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.1.7 (os x mavericks v10.9.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.1.7 (os x mountain lion v10.8.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	7.1.7 (os x yosemite v10.10.3)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	8.0.7 (os x mavericks v10.9.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	8.0.7 (os x mountain lion v10.8.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	8.0.7 (os x yosemite v10.10.3)	Trust: 0.8

sources: JVNDB: JVNDB-2015-003392 // CNNVD: CNNVD-201507-022 // NVD: CVE-2015-3660

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-3660
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-3660
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201507-022
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-81621
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-3660
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-3660
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-81621
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-81621 // VULMON: CVE-2015-3660 // JVNDB: JVNDB-2015-003392 // CNNVD: CNNVD-201507-022 // NVD: CVE-2015-3660

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-81621 // JVNDB: JVNDB-2015-003392 // NVD: CVE-2015-3660

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-022

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201507-022

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003392

PATCH

title:	APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7	url:	http://lists.apple.com/archives/security-announce/2015/Jun/msg00004.html	Trust: 0.8
title:	HT204950	url:	http://support.apple.com/en-us/HT204950	Trust: 0.8
title:	HT204950	url:	http://support.apple.com/ja-jp/HT204950	Trust: 0.8
title:	quicktime7.7.7_installer	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56517	Trust: 0.6
title:	osxupd10.10.4	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56516	Trust: 0.6
title:	iPhone7,1_8.4_12H143_Restore	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56515	Trust: 0.6
title:	-	url:	https://github.com/0xCyberY/CVE-T4PDF	Trust: 0.1

sources: VULMON: CVE-2015-3660 // JVNDB: JVNDB-2015-003392 // CNNVD: CNNVD-201507-022

EXTERNAL IDS

db:	NVD	id:	CVE-2015-3660	Trust: 3.0
db:	BID	id:	75494	Trust: 1.5
db:	SECTRACK	id:	1032754	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-003392	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-022	Trust: 0.7
db:	VULHUB	id:	VHN-81621	Trust: 0.1
db:	VULMON	id:	CVE-2015-3660	Trust: 0.1
db:	PACKETSTORM	id:	132520	Trust: 0.1

sources: VULHUB: VHN-81621 // VULMON: CVE-2015-3660 // BID: 75494 // JVNDB: JVNDB-2015-003392 // PACKETSTORM: 132520 // CNNVD: CNNVD-201507-022 // NVD: CVE-2015-3660

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2015/jun/msg00004.html	Trust: 1.8
url:	http://support.apple.com/kb/ht204950	Trust: 1.8
url:	http://www.securityfocus.com/bid/75494	Trust: 1.3
url:	http://www.securitytracker.com/id/1032754	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3660	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3660	Trust: 0.8
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://www.apple.com/safari/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/79.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=39580	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-3660	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-3727	Trust: 0.1
url:	http://support.apple.com/kb/ht1222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-3658	Trust: 0.1
url:	http://gpgtools.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-3659	Trust: 0.1

sources: VULHUB: VHN-81621 // VULMON: CVE-2015-3660 // BID: 75494 // JVNDB: JVNDB-2015-003392 // PACKETSTORM: 132520 // CNNVD: CNNVD-201507-022 // NVD: CVE-2015-3660

CREDITS

Apple

Trust: 0.4

sources: BID: 75494 // PACKETSTORM: 132520

SOURCES

db:	VULHUB	id:	VHN-81621
db:	VULMON	id:	CVE-2015-3660
db:	BID	id:	75494
db:	JVNDB	id:	JVNDB-2015-003392
db:	PACKETSTORM	id:	132520
db:	CNNVD	id:	CNNVD-201507-022
db:	NVD	id:	CVE-2015-3660

LAST UPDATE DATE

2025-04-13T22:22:10.031000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-81621	date:	2016-12-28T00:00:00
db:	VULMON	id:	CVE-2015-3660	date:	2016-12-28T00:00:00
db:	BID	id:	75494	date:	2016-02-02T20:04:00
db:	JVNDB	id:	JVNDB-2015-003392	date:	2015-07-08T00:00:00
db:	CNNVD	id:	CNNVD-201507-022	date:	2015-07-03T00:00:00
db:	NVD	id:	CVE-2015-3660	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-81621	date:	2015-07-03T00:00:00
db:	VULMON	id:	CVE-2015-3660	date:	2015-07-03T00:00:00
db:	BID	id:	75494	date:	2015-06-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003392	date:	2015-07-08T00:00:00
db:	PACKETSTORM	id:	132520	date:	2015-07-01T05:38:21
db:	CNNVD	id:	CNNVD-201507-022	date:	2015-07-03T00:00:00
db:	NVD	id:	CVE-2015-3660	date:	2015-07-03T01:59:19.510