CVE-2014-1345 — Apple Iphone OS vulnerability
3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 30.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 1
Latest updateMay 17
Description
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.
CVSS vector
AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9