CVE-2015-1084Apple Iphone OS vulnerability

CWE-174 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 37.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple Iphone OSApple SafariApple IOS+1 more
Timeline
PublishedMar 18
Latest updateMay 17

Description

The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

NVDapple/safari6.2.3+15
Appleapple/ios8.3

🔴Vulnerability Details

1
GHSA
GHSA-94p8-6mcv-x2gr: The user interface in WebKit, as used in Apple Safari before 62022-05-17

📋Vendor Advisories

2
Apple
CVE-2015-1084: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple
CVE-2015-1084: iOS 8.3