Information Disclosure Vulnerability in WebKit for Apple iOS and tvOS
CVE-2016-4587

6.5MEDIUM

Key Information:

Vendor
Apple
Status
Webkit
Vendor
CVE Published:
22 July 2016

Summary

The WebKit component used in Apple iOS and tvOS prior to specified versions has a vulnerability that allows remote attackers to access sensitive information through uninitialized process memory. This can be exploited via specially crafted web content, potentially leading to unauthorized data exposure from the user's device.

References

http://www.securitytracker.com/id/1036344
vdb-entryx_refsource_SECTRACK
http://lists.apple.com/archives/security-announce/2016/Ju...
vendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2016/Ju...
vendor-advisoryx_refsource_APPLE

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.