CVE-2015-1126
18Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 10.0%
from disclosure to weapon0 days
Published on NVDApr 10
metasploitApr 8
exploitation probability
10.0%top 5% of all CVEs
observed exploitation
nono source reports it
WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.
Affected products
n/a · n/a