UBUNTU-CVE-2015-1126
- Source
- https://ubuntu.com/security/CVE-2015-1126
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-1126.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2015-1126
- Upstream
- Published
- 2015-04-10T14:59:00Z
- Modified
- 2025-10-24T04:45:19Z
- Severity
-
- Ubuntu - medium
- Summary
- [none]
- Details
-
WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.
- References
-
- https://ubuntu.com/security/CVE-2015-1126
- https://support.apple.com/HT204661
- https://support.apple.com/HT204658
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html
- https://www.cve.org/CVERecord?id=CVE-2015-1126
Affected packages
Ubuntu:16.04:LTS / qtwebkit-opensource-src
Package
- Name
- qtwebkit-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebkit-opensource-src@5.5.1+dfsg-2ubuntu1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.5.1+dfsg-2ubuntu1",
"binary_name": "libqt5webkit5"
},
{
"binary_version": "5.5.1+dfsg-2ubuntu1",
"binary_name": "libqt5webkit5-dev"
},
{
"binary_version": "5.5.1+dfsg-2ubuntu1",
"binary_name": "libqt5webkit5-qmlwebkitplugin"
},
{
"binary_version": "5.5.1+dfsg-2ubuntu1",
"binary_name": "qml-module-qtwebkit"
},
{
"binary_version": "5.5.1+dfsg-2ubuntu1",
"binary_name": "qtwebkit5-doc-html"
}
]
}
Ubuntu:16.04:LTS / qtwebkit-source
Package
- Name
- qtwebkit-source
- Purl
- pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu11?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:16.04:LTS / webkitgtk
Package
- Name
- webkitgtk
- Purl
- pkg:deb/ubuntu/webkitgtk@2.4.11-0ubuntu0.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "gir1.2-javascriptcoregtk-3.0"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "gir1.2-webkit-3.0"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "gir1.2-webkit2-3.0"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libjavascriptcoregtk-1.0-0"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libjavascriptcoregtk-1.0-dev"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libjavascriptcoregtk-3.0-0"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libjavascriptcoregtk-3.0-bin"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libjavascriptcoregtk-3.0-dev"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkit-dev"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkit2gtk-3.0-25"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkit2gtk-3.0-dev"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkitgtk-1.0-0"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkitgtk-1.0-common"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkitgtk-3.0-0"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkitgtk-3.0-common"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkitgtk-3.0-dev"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkitgtk-common-dev"
},
{
"binary_version": "2.4.11-0ubuntu0.1",
"binary_name": "libwebkitgtk-dev"
}
]
}