exploitDog

CVE-2018-4149

Опубликовано: 03 апр. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "SafariViewController" component. It allows remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page.

Ссылки

http://www.securityfocus.com/bid/103578
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040604
Third Party Advisory
VDB Entry
https://support.apple.com/HT208693
Vendor Advisory
http://www.securityfocus.com/bid/103578
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040604
Third Party Advisory
VDB Entry
https://support.apple.com/HT208693
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 11.3 (исключая)

EPSS

Процентиль: 81%

0.01577

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-hw33-rj8p-4j9j

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "SafariViewController" component. It allows remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page.

EPSS

Процентиль: 81%

0.01577

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20