Lucene search

[email protected]CVE-2016-4603

HistoryJul 22, 2016 - 2:59 a.m.

CVE-2016-4603

2016-07-2202:59:00

CWE-254

[email protected]

web.nvd.nist.gov

apple

ios

cve

vulnerability

bypass

security

safari view controller

nvd

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

7.6 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

49.3%

JSON

Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior.

CPENameOperatorVersion
apple:iphone_osapple iphone osle9.3.2

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	le	9.3.2

References

lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

www.securityfocus.com/bid/91825

www.securitytracker.com/id/1036344

support.apple.com/HT206902

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

7.6 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

49.3%

JSON

Related for CVE-2016-4603

prion1 apple2