Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2012-09-20T21:00:00
Updated: 2024-08-06T20:13:51.632Z
Reserved: 2012-06-19T00:00:00
Link: CVE-2012-3742
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-09-20T21:55:04.377
Modified: 2017-08-29T01:32:04.337
Link: CVE-2012-3742
Redhat
No data.