← back
CVE-2012-3742

CVE-2012-3742

EPSS 1.9%
Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.htmlhttp://osvdb.org/85632https://exchange.xforce.ibmcloud.com/vulnerabilities/78708http://support.apple.com/kb/HT5503