Vulnonym.com

CVE-2015-3729 - Unconventional Trousers

Description

Apple Safari before 6.2.8 7.x before 7.1.8 and 8.x before 8.0.8 as used in iOS before 8.4.1 and other products does not indicate what web site originated an input prompt which allows remote attackers to conduct spoofing attacks via a crafted site.

Reference

https://support.apple.com/kb/HT205033 https://support.apple.com/kb/HT205030 http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://www.securityfocus.com/bid/76342 http://www.securitytracker.com/id/1033274