CVE-2012-3742Apple Iphone OS vulnerability

CWE-2643 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 40.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedSep 20
Latest updateMay 17

Description

Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/iphone_os5.1.1+39

🔴Vulnerability Details

2
GHSA
GHSA-8qp8-cphr-rp5h: Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which2022-05-17
OSV
CVE-2012-3742: Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which2012-09-20
CVE-2012-3742 — Apple Iphone OS vulnerability | cvebase