Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1084

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-1084
Last Modified 30 Sep 2015 01:39:28
Published 18 Mar 2015 06:59:15
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1084

Summary

The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.

Vulnerable Systems

Operating System

  • Apple Iphone Os 8.2

Application

  • Apple Safari 6.2.3

  • Apple Safari 7.0

  • Apple Safari 7.0.1

  • Apple Safari 7.0.2

  • Apple Safari 7.0.3

  • Apple Safari 7.0.4

  • Apple Safari 7.0.5

  • Apple Safari 7.0.6

  • Apple Safari 7.1.0

  • Apple Safari 7.1.1

  • Apple Safari 7.1.2

  • Apple Safari 7.1.3

  • Apple Safari 8.0.0

  • Apple Safari 8.0.1

  • Apple Safari 8.0.2

  • Apple Safari 8.0.3


References

CONFIRM - https://support.apple.com/HT204560

APPLE - APPLE-SA-2015-03-17-1

SECTRACK - 1031936

CONFIRM - https://support.apple.com/HT204661

APPLE - APPLE-SA-2015-04-08-3

Related Patches

Apple Safari 8.0.4 for Mac OS X (HT204560)

Apple Safari 7.1.4 for Mac OS X (HT204560)

Apple Safari 6.2.4 for Mac OS X (HT204560)


Last Updated: 27 May 2016 11:09:58