CVE-2017-2486

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site.

Published : 2017-04-02 01:59 Updated : 2019-10-03 00:03

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Apple Iphone Os 10.2.1 cpe:/o:apple:iphone_os:10.2.1
Apple Safari 10.0.3 cpe:/a:apple:safari:10.0.3
  1. Apple (2) Search CVE
    1. Safari (1) Search CVE
      1. 10.0.3
    2. Iphone Os (1) Search CVE
      1. 10.2.1

CWE

ID Name Description Links
CWE-425 Direct Request ('Forced Browsing') The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files. CVE

History of changes

Date Event
2019-10-03 00:03
2017-07-12 05:32
2017-04-02 01:59

New CVE