CVE-2015-1126

WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:apple:safari:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:7.0.2:*:*:*:*:*:*:*

Information

Published : 2015-04-10 07:59

Updated : 2015-09-11 10:57


NVD link : CVE-2015-1126

Mitre link : CVE-2015-1126


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

apple

  • iphone_os
  • safari