Information Disclosure Vulnerability in WebKit for Apple iOS and tvOS
CVE-2016-4587

6.5MEDIUM

Key Information:

Vendor: Apple
Status: Webkit
Vendor: CVE Published:; 22 July 2016

🔔 Create Apple Vulnerability Alert

What is CVE-2016-4587?

The WebKit component used in Apple iOS and tvOS prior to specified versions has a vulnerability that allows remote attackers to access sensitive information through uninitialized process memory. This can be exploited via specially crafted web content, potentially leading to unauthorized data exposure from the user's device.

References

http://www.securitytracker.com/id/1036344

vdb-entryx_refsource_SECTRACK

http://lists.apple.com/archives/security-announce/2016/Ju...

vendor-advisoryx_refsource_APPLE

http://lists.apple.com/archives/security-announce/2016/Ju...

vendor-advisoryx_refsource_APPLE

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2016
Vulnerability Reserved
May 11, 2016

.

CVE-2016-4587 : Information Disclosure Vulnerability in WebKit for Apple iOS and tvOS