← Back

CVE-2014-1345

nvd nist
Published: Jul 1, 2014Modified: May 6, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.

Affected (25)

Products: Apple: Safari, Iphone Os
Apple
2 products
Safari
Iphone Os
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Safari
Up to 6.1.4
Safari
Version 6.0.1
Safari
Version 6.0.2
Safari
Version 6.0.3
Safari
Version 6.0.4
Safari
Version 6.0.5
Safari
Version 6.0
Safari
Version 6.1.1
Safari
Version 6.1.2
Safari
Version 6.1.3
Safari
Version 6.1
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Safari
Version 7.0.1
Safari
Version 7.0.2
Safari
Version 7.0.3
Safari
Version 7.0.4
Safari
Version 7.0
Configuration C
9 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Iphone Os
Up to 7.1.1
Iphone Os
Version 7.0.1
Iphone Os
Version 7.0.2
Iphone Os
Version 7.0.3
Iphone Os
Version 7.0.4
Iphone Os
Version 7.0.5
Iphone Os
Version 7.0.6
Iphone Os
Version 7.0
Iphone Os
Version 7.1

References (10)

Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.