CVE-2014-1345

2014-07-0110:00:00

apple

www.cve.org

5.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.9%

JSON

WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.

References

archives.neohapsis.com/archives/bugtraq/2014-06/0171.html

archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

secunia.com/advisories/59481

www.securityfocus.com/bid/68276

www.securitytracker.com/id/1030495