CVE-2015-1084

The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.

Published: Mar 18, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-1084
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-17

Affected Software
References

Software	From	Fixed in
apple / iphone_os	-	8.2.x
apple / safari	7.0.1	7.0.1.x
apple / safari	8.0.2	8.0.2.x
apple / safari	8.0.1	8.0.1.x
apple / safari	7.0.3	7.0.3.x
apple / safari	7.0.4	7.0.4.x
apple / safari	7.1.0	7.1.0.x
apple / safari	8.0.0	8.0.0.x
apple / safari	7.0.5	7.0.5.x
apple / safari	-	6.2.3.x
apple / safari	7.0.6	7.0.6.x
apple / safari	7.1.3	7.1.3.x
apple / safari	7.1.1	7.1.1.x
apple / safari	7.0	7.0.x
apple / safari	8.0.3	8.0.3.x
apple / safari	7.1.2	7.1.2.x
apple / safari	7.0.2	7.0.2.x

http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html
http://www.securitytracker.com/id/1031936
https://support.apple.com/HT204560
https://support.apple.com/HT204661

Vulnerability Database

CVE-2015-1084