Lucene search
HistorySep 18, 2014 - 10:55 a.m.
CVE-2014-4363
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.2%
Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element.
Affected configurations
Node
appleiphone_osRange7.0–7.1.2
Node
applesafariRange6.0–6.1.5
ORapplesafariRange7.0–7.0.5
Related
cve
cve
CVE-2014-4363
2014-09-18 10:55:08
prion
prion
Code injection
2014-09-18 10:55:00
cvelist
cvelist
CVE-2014-4363
2014-09-18 10:00:00
securityvulns
securityvulns
Apple Safari / Webkit multiple security vulnerabilities
2014-09-21 00:00:00
APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1
2014-09-21 00:00:00
Apple iOS multiple security vulnerabilities
2014-09-21 00:00:00
nessus
nessus
Safari < 6.2 / 7.1 Multiple Vulnerabilities
2014-09-19 00:00:00
Mac OS X : Apple Safari < 6.2 / 7.1 Multiple Vulnerabilities
2014-09-18 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.2%
Related for NVD:CVE-2014-4363