← back
CVE-2015-1126

CVE-2015-1126

EPSS 10.0%
WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Apr/msg00002.htmlhttps://support.apple.com/HT204658https://support.apple.com/HT204661http://www.securitytracker.com/id/1032047