CVE-2015-1155 Information

Description

The history implementation in WebKit as used in Apple Safari before 6.2.6 7.x before 7.1.6 and 8.x before 8.0.6 allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.

Reference

http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/May/msg00000.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://support.apple.com/kb/HT204941 http://www.securityfocus.com/bid/74527 http://www.securitytracker.com/id/1032270 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204826