Lucene search

K

AppleCVELIST:CVE-2016-4585

HistoryJul 22, 2016 - 1:00 a.m.

CVE-2016-4585

2016-07-2201:00:00

apple

www.cve.org

5

AI Score

6.2

Confidence

High

EPSS

0.003

Percentile

69.7%

Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari.

References

lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

lists.apple.com/archives/security-announce/2016/Jul/msg00004.html

packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html

www.securityfocus.com/archive/1/539295/100/0/threaded

www.securityfocus.com/bid/91830

www.securitytracker.com/id/1036343

support.apple.com/HT206900

support.apple.com/HT206902

support.apple.com/HT206905

AI Score

6.2

Confidence

High

EPSS

0.003

Percentile

69.7%

Related for CVELIST:CVE-2016-4585

prion1 cve1 seebug1 ubuntucve1 nvd1 apple6 openvas2 nessus3 ubuntu1