Code injection

2012-09-2021:55:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.9%

JSON

Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page.

CPENameOperatorVersion
iphone_oseq3.0
iphone_oseq3.2
iphone_oseq3.1.3
iphone_oseq1.0.2
iphone_oseq4.3.2
iphone_oseq4.0.2
iphone_oseq2.2
iphone_oseq1.1.1
iphone_oseq4.2.8
iphone_osle5.1.1

Name	Operator	Version
iphone_os	eq	3.0
iphone_os	eq	3.2
iphone_os	eq	3.1.3
iphone_os	eq	1.0.2
iphone_os	eq	4.3.2
iphone_os	eq	4.0.2
iphone_os	eq	2.2
iphone_os	eq	1.1.1
iphone_os	eq	4.2.8
iphone_os	le	5.1.1