1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
Candidate: CVE-2015-3660
PublicDate: 2015-07-02
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3660
http://support.apple.com/kb/HT204950
http://lists.apple.com/archives/security-announce/2015/Jun/msg00004.html
Description:
Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit
in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows
remote attackers to inject arbitrary web script or HTML via a crafted URL
in embedded PDF content.
Ubuntu-Description:
Notes:
jdstrand> webkit receives limited support. For details, see
https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
jdstrand> webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_webkit:
upstream_webkit: needs-triage
precise_webkit: ignored (see notes)
trusty_webkit: DNE
utopic_webkit: DNE
vivid_webkit: DNE
vivid/stable-phone-overlay_webkit: DNE
vivid/ubuntu-core_webkit: DNE
wily_webkit: DNE
xenial_webkit: DNE
yakkety_webkit: DNE
devel_webkit: DNE
Patches_webkitgtk:
upstream_webkitgtk: needs-triage
precise_webkitgtk: DNE
trusty_webkitgtk: ignored (no update available)
utopic_webkitgtk: ignored (reached end-of-life)
vivid_webkitgtk: ignored (reached end-of-life)
vivid/stable-phone-overlay_webkitgtk: DNE
vivid/ubuntu-core_webkitgtk: DNE
wily_webkitgtk: ignored (reached end-of-life)
xenial_webkitgtk: ignored (no update available)
yakkety_webkitgtk: ignored (no update available)
devel_webkitgtk: ignored (no update available)
Patches_qtwebkit-source:
upstream_qtwebkit-source: needs-triage
precise_qtwebkit-source: ignored (see notes)
trusty_qtwebkit-source: ignored (no update available)
utopic_qtwebkit-source: ignored (reached end-of-life)
vivid_qtwebkit-source: ignored (reached end-of-life)
vivid/stable-phone-overlay_qtwebkit-source: DNE
vivid/ubuntu-core_qtwebkit-source: DNE
wily_qtwebkit-source: ignored (reached end-of-life)
xenial_qtwebkit-source: ignored (no update available)
yakkety_qtwebkit-source: ignored (no update available)
devel_qtwebkit-source: ignored (no update available)
Patches_qtwebkit-opensource-src: needs-triage
upstream_qtwebkit-opensource-src: needs-triage
precise_qtwebkit-opensource-src: DNE
trusty_qtwebkit-opensource-src: ignored (no update available)
utopic_qtwebkit-opensource-src: ignored (reached end-of-life)
vivid_qtwebkit-opensource-src: ignored (reached end-of-life)
vivid/stable-phone-overlay_qtwebkit-opensource-src: DNE
vivid/ubuntu-core_qtwebkit-opensource-src: DNE
wily_qtwebkit-opensource-src: ignored (reached end-of-life)
xenial_qtwebkit-opensource-src: ignored (no update available)
yakkety_qtwebkit-opensource-src: ignored (no update available)
devel_qtwebkit-opensource-src: ignored (no update available)
|