What is the severity of CVE-2015-1129?

CVE-2015-1129 has been rated as a moderate severity vulnerability due to its potential to enable tracking of users.

How do I fix CVE-2015-1129?

To fix CVE-2015-1129, users should update their Apple Safari browser or iPhone OS to the latest version available.

Which versions of Apple Safari are affected by CVE-2015-1129?

CVE-2015-1129 affects Apple Safari versions before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5.

Can CVE-2015-1129 be exploited remotely?

Yes, CVE-2015-1129 can be exploited remotely through a crafted website that attempts to track users.

What type of threat does CVE-2015-1129 pose to users?

CVE-2015-1129 poses a threat by potentially allowing remote attackers to track user activity without consent.

Vulnerability/
CVE-2015-1129

medium

4.3

CWE

310

10/4/2015

6/8/2024

CVE-2015-1129

First published: Fri Apr 10 2015(Updated: )

Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site.

Credit: product-security@apple.com

Affected Software	Affected Version	How to fix
iStyle @cosme iPhone OS	<=8.4.1
Apple Mobile Safari	<=6.2.4
Apple Mobile Safari	=7.0
Apple Mobile Safari	=7.0.1
Apple Mobile Safari	=7.0.2
Apple Mobile Safari	=7.0.3
Apple Mobile Safari	=7.0.4
Apple Mobile Safari	=7.0.5
Apple Mobile Safari	=7.0.6
Apple Mobile Safari	=7.1.0
Apple Mobile Safari	=7.1.1
Apple Mobile Safari	=7.1.2
Apple Mobile Safari	=7.1.3
Apple Mobile Safari	=7.1.4
Apple Mobile Safari	=8.0.0
Apple Mobile Safari	=8.0.1
Apple Mobile Safari	=8.0.2
Apple Mobile Safari	=8.0.3
Apple Mobile Safari	=8.0.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-1129?
CVE-2015-1129 has been rated as a moderate severity vulnerability due to its potential to enable tracking of users.
How do I fix CVE-2015-1129?
To fix CVE-2015-1129, users should update their Apple Safari browser or iPhone OS to the latest version available.
Which versions of Apple Safari are affected by CVE-2015-1129?
CVE-2015-1129 affects Apple Safari versions before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5.
Can CVE-2015-1129 be exploited remotely?
Yes, CVE-2015-1129 can be exploited remotely through a crafted website that attempts to track users.
What type of threat does CVE-2015-1129 pose to users?
CVE-2015-1129 poses a threat by potentially allowing remote attackers to track user activity without consent.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/author
agent/references
agent/first-publish-date
agent/description
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/istyle @cosme iphone os
version/istyle @cosme iphone os/8.4.1
canonical/apple mobile safari
version/apple mobile safari/6.2.4
version/apple mobile safari/7.0
version/apple mobile safari/7.0.1
version/apple mobile safari/7.0.2
version/apple mobile safari/7.0.3
version/apple mobile safari/7.0.4
version/apple mobile safari/7.0.5
version/apple mobile safari/7.0.6
version/apple mobile safari/7.1.0
version/apple mobile safari/7.1.1
version/apple mobile safari/7.1.2
version/apple mobile safari/7.1.3
version/apple mobile safari/7.1.4
version/apple mobile safari/8.0.0
version/apple mobile safari/8.0.1
version/apple mobile safari/8.0.2
version/apple mobile safari/8.0.3
version/apple mobile safari/8.0.4