Main Vulnerability Database Vulnerabilities #VU8519

#VU8519 Spoofing attack in Apple Safari - CVE-2017-7085

Published: September 20, 2017

Vulnerability identifier: #VU8519

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-7085

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Apple Safari

Software vendor:
Apple Inc.

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to unknown error. A remote attacker can trick the victim into visiting a specially crafted website and spoof address bar and other parts of web page.

Successful exploitation of this vulnerability may result in information disclosure or malicious actions execution.

Remediation

Update to version 11.

External links

https://support.apple.com/en-us/HT208116