4 matches found
Apple OSX Message cross-domain scripting attacks vulnerability details(CVE-2 0 1 6-1 7 6 4-the vulnerability warning-the black bar safety net
! Apple in 3 months to fix the CVE-2 0 1 6-1 7 6 4 out of CNNVD-2 0 1 6 0 3-3 4 7, is an application-layer vulnerabilities that can lead to a remote attacker by means of a iMessage client leaked all message content and attachments. Contrast to attack the iMessage Protocol, this is a relatively...
CVE-2016-1764
The Content Security Policy CSP implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL...
CVE-2016-1764
The Content Security Policy CSP implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL...
CVE-2016-1764
Summary (CVE-2016-1764): In OS X El Capitan prior to 10.11.4, the Content Security Policy (CSP) implementation in the Messages component allowed remote attackers to disclose sensitive information via a javascript: URL. The issue stems from how JavaScript links were processed by Messages. Impact: ...