CVE-2015-3755 — Apple Iphone OS vulnerability

CWE-2545 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

1.4%

top 19.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple Safari Apple IOS +1 more

Timeline

PublishedAug 16

Latest updateMay 14

Description

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

▶NVDapple/safari6.0 — 6.2.8+2

▶Appleapple/safari_8.0.8_safari_7.1.8_and_safari6.2.8

▶NVDapple/iphone_os< 8.4.1

▶Appleapple/ios8.4.1

🔴Vulnerability Details

GHSA

GHSA-42x7-26ff-22r9: WebKit in Apple Safari before 6↗2022-05-14

▶

OSV

CVE-2015-3755: WebKit in Apple Safari before 6↗2015-08-16

▶

📋Vendor Advisories

Apple

CVE-2015-3755: Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8↗

▶

Apple

CVE-2015-3755: iOS 8.4.1↗

▶