exploitDog

CVE-2014-4467

Опубликовано: 30 янв. 2015

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site.

Ссылки

http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html
Vendor Advisory
http://support.apple.com/HT204245
Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html
Vendor Advisory
http://support.apple.com/HT204245
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 8.1.2 (включая)

EPSS

Процентиль: 42%

0.00205

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-17

Связанные уязвимости

CVE-2014-4467

ubuntu

около 11 лет назад

WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site.

GHSA-cvpw-fqmx-ggx7

github

больше 3 лет назад

WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site.

EPSS

Процентиль: 42%

0.00205

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-17