Unrated severityNVD Advisory· Published May 8, 2015· Updated Jun 17, 2026
CVE-2015-1155
CVE-2015-1155
Description
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <=6.2.5
- cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:7.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:8.0.5:*:*:*:*:*:*:*
- (no CPE)range: <6.2.6, <7.1.6, <8.0.6
Patches
Vulnerability mechanics
References
9- lists.apple.com/archives/security-announce/2015/Jun/msg00001.htmlnvdVendor Advisory
- lists.apple.com/archives/security-announce/2015/May/msg00000.htmlnvdVendor Advisory
- support.apple.com/kb/HT204941nvdVendor Advisory
- support.apple.com/HT204826nvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2016-03/msg00054.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-03/msg00132.htmlnvd
- www.securityfocus.com/bid/74527nvd
- www.securitytracker.com/id/1032270nvd
- www.ubuntu.com/usn/USN-2937-1nvd
News mentions
0No linked articles in our index yet.