An issue exists in certain Apple products. iOS prior to 11.2 is affected. Safari prior to 11.0.2 is affected. iCloud prior to 7.2 on Windows is affected. iTunes prior to 12.7.2 on Windows is affected. tvOS prior to 11.2 is affected. watchOS prior to 4.2 is affected. The issue involves the "WebKit" component. It allows remote malicious users to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401 Unauthorized redirect.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari |
||
apple watchos |
||
apple iphone os |
||
apple tvos |
||
apple icloud |
||
apple itunes |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 16.04 |