CVE-2015-1125 — Apple Iphone OS vulnerability

CWE-175 documents5 sources

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 49.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple IOS

Timeline

PublishedApr 10

Latest updateMay 17

Description

The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDapple/iphone_os8.2

▶Appleapple/ios8.3

🔴Vulnerability Details

GHSA

GHSA-cxfp-vg93-5g2w: The touch-events implementation in WebKit in Apple iOS before 8↗2022-05-17

▶

OSV

CVE-2015-1125: The touch-events implementation in WebKit in Apple iOS before 8↗2015-04-10

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows Kernel - Information Disclosure↗2020-01-27

▶

📋Vendor Advisories

Apple

CVE-2015-1125: iOS 8.3↗

▶