Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-4651

Опубликовано: 22 июл. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.1

Описание

Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability.

РелизСтатусПримечание
devel

ignored

no update available
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [no update available]]
esm-infra/xenial

ignored

no update available
precise

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [no update available]
upstream

needs-triage

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

ignored

no update available
esm-apps/xenial

ignored

no update available
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [no update available]]
precise

ignored

end of life
trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [no update available]
upstream

needs-triage

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

precise

ignored

end of life
trusty

DNE

trusty/esm

DNE

upstream

needs-triage

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

2.12.5-1
esm-infra-legacy/trusty

DNE

esm-infra/xenial

released

2.12.5-0ubuntu0.16.04.1
precise

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

2.12.0
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

ignored

end of life

Показывать по

РелизСтатусПримечание
devel

ignored

no update available
esm-apps/xenial

ignored

no update available
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [no update available]]
precise

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [no update available]
upstream

needs-triage

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 39%
0.00175
Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2016-4651

CVSS3: 6.1
nvd
больше 9 лет назад

Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability.

github логотип

GHSA-377q-pqm6-wg2h

CVSS3: 6.1
github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability.

fstec логотип

BDU:2016-02108

fstec
больше 9 лет назад

Уязвимость операционной системы iOS и браузера Safari, позволяющая нарушителю внедрить произвольный Веб- или HTML-код

EPSS

Процентиль: 39%
0.00175
Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3