Code injection

2015-12-1111:59:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses content extensions, which allows remote attackers to obtain sensitive browsing-history information via a crafted web site.

CPENameOperatorVersion
iphone_osle9.1
safarile9.0.1

CPE	Name	Operator	Version
	iphone_os	le	9.1
	safari	le	9.0.1

References

lists.apple.com/archives/security-announce/2015/Dec/msg00000.html

lists.apple.com/archives/security-announce/2015/Dec/msg00003.html

www.securityfocus.com/bid/78722

www.securitytracker.com/id/1034341

support.apple.com/HT205635

support.apple.com/HT205639

support.apple.com/kb/HT205636