CVE-2016-1858
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.
| Software | From | Fixed in |
|---|---|---|
| apple / iphone_os | - | 9.3.2 |
| apple / tvos | - | 9.2.1 |
| apple / safari | - | 9.1.1 |
| webkitgtk / webkitgtk+ | - | 2.12.0 |
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime