CVE Vulnerabilities

CVE-2015-3729

Published: Aug 16, 2015 | Modified: Feb 08, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not indicate what web site originated an input prompt, which allows remote attackers to conduct spoofing attacks via a crafted site.

Affected Software

Name Vendor Start Version End Version
Safari Apple 6.0 (including) 6.2.8 (excluding)
Safari Apple 7.0 (including) 7.1.8 (excluding)
Safari Apple 8.0 (including) 8.0.8 (excluding)

References