Vulnerability Database

296,224

Total vulnerabilities in the database

CVE-2014-4363

Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element.

  • Published: Sep 18, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-4363
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
apple / iphone_os 7.0 7.1.2.x
apple / safari 6.0 6.1.5.x
apple / safari 7.0 7.0.5.x