CVE-2017-7152

Published: Dec 27, 2017Modified: May 13, 2026

4.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail Message Framework" component. It allows remote attackers to spoof the address bar via a crafted web site.

Affected (1)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 11.2

References (14)

http://seclists.org/fulldisclosure/2019/Oct/49

Source: product-security@apple.com

http://seclists.org/fulldisclosure/2019/Oct/54

Source: product-security@apple.com

http://seclists.org/fulldisclosure/2019/Oct/56

Source: product-security@apple.com

https://support.apple.com/HT208334

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/kb/HT210721

Source: product-security@apple.com

https://support.apple.com/kb/HT210722

Source: product-security@apple.com

https://support.apple.com/kb/HT210724

Source: product-security@apple.com

http://seclists.org/fulldisclosure/2019/Oct/49