5 matches found
About the security content of iCloud for Windows 6.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
CVE-2017-2480
creationtimestamp| type| source ---|---|--- 2017-04-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41865...
WebKit Synchronous Page Load UXSS
WebKit: UXSS via a synchronous page load CVE-2017-2480 Here's a snippet of the method SubframeLoader::requestFrame which is invoked when the |src| of an iframe object is changed. bool SubframeLoader::requestFrameHTMLFrameOwnerElement& ownerElement, const String& urlString, const AtomicString&...
WebKit: UXSS via a synchronous page load(CVE-2017-2480)
Here's a snippet of the method SubframeLoader::requestFrame which is invoked when the |src| of an iframe object is changed. bool SubframeLoader::requestFrameHTMLFrameOwnerElement& ownerElement, const String& urlString, const AtomicString& frameName, LockHistory lockHistory, LockBackForwardList...
CVE-2017-2480
The CVE-2017-2480 entry concerns WebKit in multiple Apple platforms (iOS before 10.3, Safari before 10.1, iCloud/iTunes on Windows, tvOS before 10.2). The issue allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Connected documents co...