Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2016-4591 - CERT CVE
CVE-2016-4591
ID
CVE-2016-4591
Sažetak
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
Reference
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html
http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html
http://www.securityfocus.com/archive/1/539295/100/0/threaded
http://www.securityfocus.com/bid/91830
http://www.securitytracker.com/id/1036343
https://support.apple.com/HT206900
https://support.apple.com/HT206902
https://support.apple.com/HT206905
CVSS
Base:
7.8
Impact:
6.9
Exploitability:
10.0
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
COMPLETE
NONE
NONE
CVSS vektor
AV:N/AC:L/Au:N/C:C/I:N/A:N
Zadnje važnije ažuriranje
25-03-2019 - 17:04
Objavljeno
22-07-2016 - 02:59
