Описание
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-1858
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
Связанные уязвимости
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.
Уязвимость операционной системы iOS и браузера Safari, позволяющая нарушителю получить конфиденциальную информацию