The host is installed with Apple Safari before 6.2.8, 7.x before 7.1.8 or 8.x before 8.0.8 and is prone to an user interface spoofing vulnerability. A flaw is present in the application, which fails to handle a malformed URL. Successful exploitation allows attackers to spoof the user interface.