CVE-2015-1128

The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
applesafari
𝑥
≤ 6.2.4
applesafari
7.0
applesafari
7.0.1
applesafari
7.0.2
applesafari
7.0.3
applesafari
7.0.4
applesafari
7.0.5
applesafari
7.0.6
applesafari
7.1.0
applesafari
7.1.1
applesafari
7.1.2
applesafari
7.1.3
applesafari
7.1.4
applesafari
8.0.0
applesafari
8.0.1
applesafari
8.0.2
applesafari
8.0.3
applesafari
8.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html
http://www.securitytracker.com/id/1032047
https://support.apple.com/HT204658
http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html
http://www.securitytracker.com/id/1032047
https://support.apple.com/HT204658