Safari in Apple iOS prior to 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote malicious users to spoof https connections by placing this character in the TITLE element of a web page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os 1.1.0 |
||
apple iphone os 1.1.1 |
||
apple iphone os 2.0.2 |
||
apple iphone os 2.1 |
||
apple iphone os 3.1.2 |
||
apple iphone os 3.1.3 |
||
apple iphone os 4.1 |
||
apple iphone os 4.2.1 |
||
apple iphone os 5.0 |
||
apple iphone os 5.0.1 |
||
apple iphone os 1.1.2 |
||
apple iphone os 1.1.3 |
||
apple iphone os 2.1.1 |
||
apple iphone os 2.2 |
||
apple iphone os 3.2 |
||
apple iphone os 3.2.1 |
||
apple iphone os 4.2.5 |
||
apple iphone os 4.2.8 |
||
apple iphone os |
||
apple iphone os 1.0.0 |
||
apple iphone os 1.1.4 |
||
apple iphone os 1.1.5 |
||
apple iphone os 2.2.1 |
||
apple iphone os 3.0 |
||
apple iphone os 3.2.2 |
||
apple iphone os 4.0 |
||
apple iphone os 4.3.0 |
||
apple iphone os 4.3.1 |
||
apple iphone os 4.3.2 |
||
apple iphone os 1.0.1 |
||
apple iphone os 1.0.2 |
||
apple iphone os 2.0 |
||
apple iphone os 2.0.0 |
||
apple iphone os 2.0.1 |
||
apple iphone os 3.0.1 |
||
apple iphone os 3.1 |
||
apple iphone os 4.0.1 |
||
apple iphone os 4.0.2 |
||
apple iphone os 4.3.3 |
||
apple iphone os 4.3.5 |