CVE-2014-1345

WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.

Published: Jul 1, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-1345
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
apple / safari	6.0	6.0.x
apple / safari	-	6.1.4.x
apple / safari	6.0.3	6.0.3.x
apple / safari	6.1.2	6.1.2.x
apple / safari	6.0.2	6.0.2.x
apple / safari	6.1.1	6.1.1.x
apple / safari	6.1.3	6.1.3.x
apple / safari	6.0.5	6.0.5.x
apple / safari	6.1	6.1.x
apple / safari	6.0.4	6.0.4.x
apple / safari	6.0.1	6.0.1.x
apple / safari	7.0.1	7.0.1.x
apple / safari	7.0.3	7.0.3.x
apple / safari	7.0.4	7.0.4.x
apple / safari	7.0	7.0.x
apple / safari	7.0.2	7.0.2.x
apple / iphone_os	7.0.4	7.0.4.x
apple / iphone_os	7.0.5	7.0.5.x
apple / iphone_os	7.1	7.1.x
apple / iphone_os	-	7.1.1.x
apple / iphone_os	7.0.6	7.0.6.x
apple / iphone_os	7.0.1	7.0.1.x
apple / iphone_os	7.0.2	7.0.2.x
apple / iphone_os	7.0	7.0.x
apple / iphone_os	7.0.3	7.0.3.x

Vulnerability Database

CVE-2014-1345