First published: Mon Mar 27 2017(Updated: )
WebKit. An inconsistent user interface issue was addressed through improved state management.
Credit: redrain light4freedom product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS and iPadOS | <10.3 | 10.3 |
Safari | <=10.0.3 | |
iPhone OS | <=10.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-2486 has been classified as a medium severity vulnerability due to its potential to allow address bar spoofing.
To fix CVE-2017-2486, upgrade to Apple iOS version 10.3 or later and update Safari to version 10.1 or later.
CVE-2017-2486 affects Apple iOS versions before 10.3 and Safari versions before 10.1.
CVE-2017-2486 is a user interface spoofing vulnerability in the WebKit component.
Yes, CVE-2017-2486 can be exploited remotely by attackers to spoof the address bar.