CVE-2017-2453 — Improper Input Validation in Apple

Vendor	Product	Version range	Fixed in
apple	ios	—	—
apple	iphone_os	<= 10.2.1	—
apple	safari	<= 10.0.3	—
apple	safari	—	—

Apple

CVE-2017-2453: Safari 10.1

vendor_apple·2017-03-27·CVSS 6.5

CVE-2017-2453 [MEDIUM] CVE-2017-2453: Safari 10.1 Apple Security Update: About the security content of Safari 10.1 Product: Safari Version: 10.1 CVE: CVE-2017-2453 Component: Safari Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: A spoofing issue existed in the handling of FaceTime prompts. This issue was addressed through improved input validation.

Apple

CVE-2017-2453: iOS 10.3

vendor_apple·2017-03-27·CVSS 6.5

CVE-2017-2453 [MEDIUM] CVE-2017-2453: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2453 Component: Safari Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: A spoofing issue existed in the handling of FaceTime prompts. This issue was addressed through improved input validation.

GHSA

GHSA-mr43-8cm5-9g7j: An issue was discovered in certain Apple products

ghsa_unreviewed·2022-05-13

CVE-2017-2453 [MEDIUM] CWE-20 GHSA-mr43-8cm5-9g7j: An issue was discovered in certain Apple products An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof FaceTime prompts in the user interface via a crafted web site.

CVE-2017-2453: An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It…

Affected

CVSS provenance