CVE-2015-1084
published 2015-03-18CVE-2015-1084: The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it…
PriorityP420medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
0.43%
63.2th percentile
The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | <= 8.2 | — |
| apple | safari | <= 6.2.3 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari_8.0.4_safari_7.1.4_and_safari | — | — |
Apple
CVE-2015-1084: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
vendor_apple·CVSS 5.0
CVE-2015-1084 [MEDIUM] CVE-2015-1084: Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Apple Security Update: About the security content of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Product: Safari 8.0.4, Safari 7.1.4, and Safari
Version: 6.2.4
CVE: CVE-2015-1084
Component: CVE-ID
Apple
CVE-2015-1084: iOS 8.3
vendor_apple·CVSS 5.0
CVE-2015-1084 [MEDIUM] CVE-2015-1084: iOS 8.3
Apple Security Update: About the security content of iOS 8.3
Product: iOS
Version: 8.3
CVE: CVE-2015-1084
Component: CVE-ID
GHSA
GHSA-94p8-6mcv-x2gr: The user interface in WebKit, as used in Apple Safari before 6
ghsa_unreviewed·2022-05-17
CVE-2015-1084 [MEDIUM] GHSA-94p8-6mcv-x2gr: The user interface in WebKit, as used in Apple Safari before 6
The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Mar/msg00004.htmlhttp://www.securitytracker.com/id/1031936https://support.apple.com/HT204560https://support.apple.com/HT204661http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Mar/msg00004.htmlhttp://www.securitytracker.com/id/1031936https://support.apple.com/HT204560https://support.apple.com/HT204661
2015-03-18
Published