CVE-2015-3729 Information

Description

Apple Safari before 6.2.8 7.x before 7.1.8 and 8.x before 8.0.8 as used in iOS before 8.4.1 and other products does not indicate what web site originated an input prompt which allows remote attackers to conduct spoofing attacks via a crafted site.

Reference

http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://www.securityfocus.com/bid/76342 http://www.securitytracker.com/id/1033274 https://support.apple.com/kb/HT205030 https://support.apple.com/kb/HT205033