← back
CVE-2015-3729

CVE-2015-3729

EPSS 2.2%
Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not indicate what web site originated an input prompt, which allows remote attackers to conduct spoofing attacks via a crafted site.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttps://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205033http://www.securityfocus.com/bid/76342http://www.securitytracker.com/id/1033274