CVE-2014-4467Apple Iphone OS vulnerability

CWE-174 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 57.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Iphone OSApple IOS
Timeline
PublishedJan 30
Latest updateMay 17

Description

WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDapple/iphone_os8.1.2
Appleapple/ios8.1.3

🔴Vulnerability Details

2
GHSA
GHSA-cvpw-fqmx-ggx7: WebKit, as used in Apple iOS before 82022-05-17
OSV
CVE-2014-4467: WebKit, as used in Apple iOS before 82015-01-30

📋Vendor Advisories

1
Apple
CVE-2014-4467: iOS 8.1.3
CVE-2014-4467 — Apple Iphone OS vulnerability | cvebase