CVE-2015-3755
published 2015-08-16CVE-2015-3755: WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof…
PriorityP421medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.39%
80.7th percentile
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | < 8.4.1 | 8.4.1 |
| apple | safari | >= 6.0 < 6.2.8 | 6.2.8 |
| apple | safari | >= 7.0 < 7.1.8 | 7.1.8 |
| apple | safari | >= 8.0 < 8.0.8 | 8.0.8 |
| apple | safari_8.0.8_safari_7.1.8_and_safari | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM
GHSA
GHSA-42x7-26ff-22r9: WebKit in Apple Safari before 6
ghsa_unreviewed·2022-05-14
CVE-2015-3755 [MEDIUM] GHSA-42x7-26ff-22r9: WebKit in Apple Safari before 6
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
OSV
CVE-2015-3755: WebKit in Apple Safari before 6
osv·2015-08-16·CVSS 4.3
CVE-2015-3755 [MEDIUM] CVE-2015-3755: WebKit in Apple Safari before 6
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
Apple
CVE-2015-3755: Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
vendor_apple·CVSS 4.3
CVE-2015-3755 [MEDIUM] CVE-2015-3755: Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
Apple Security Update: About the security content of Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
Product: Safari 8.0.8, Safari 7.1.8, and Safari
Version: 6.2.8
CVE: CVE-2015-3755
Component: CVE-ID
Apple
CVE-2015-3755: iOS 8.4.1
vendor_apple·CVSS 4.3
CVE-2015-3755 [MEDIUM] CVE-2015-3755: iOS 8.4.1
Apple Security Update: About the security content of iOS 8.4.1
Product: iOS
Version: 8.4.1
CVE: CVE-2015-3755
Component: CVE-ID
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00054.htmlhttp://www.securityfocus.com/bid/76344http://www.securitytracker.com/id/1033274https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205033http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00054.htmlhttp://www.securityfocus.com/bid/76344http://www.securitytracker.com/id/1033274https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205033
2015-08-16
Published