CVE

Id
91404  
CVE No.
CVE-2016-4585  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari.  
Phase
Assigned (20160511)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
785330 91404 CVE-2016-4585 BUGTRAQ:20160825 WebKitGTK+ Security Advisory WSA-2016-0005  View
785331 91404 CVE-2016-4585 URL:http://www.securityfocus.com/archive/1/archive/1/539295/100/0/threaded  View
785332 91404 CVE-2016-4585 MISC:http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html  View
785333 91404 CVE-2016-4585 CONFIRM:https://support.apple.com/HT206900  View
785334 91404 CVE-2016-4585 CONFIRM:https://support.apple.com/HT206902  View
785335 91404 CVE-2016-4585 CONFIRM:https://support.apple.com/HT206905  View
785336 91404 CVE-2016-4585 APPLE:APPLE-SA-2016-07-18-2  View
785337 91404 CVE-2016-4585 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html  View
785338 91404 CVE-2016-4585 APPLE:APPLE-SA-2016-07-18-4  View
785339 91404 CVE-2016-4585 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html  View
785340 91404 CVE-2016-4585 APPLE:APPLE-SA-2016-07-18-5  View
785341 91404 CVE-2016-4585 URL:http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html  View
785342 91404 CVE-2016-4585 BID:91830  View
785343 91404 CVE-2016-4585 URL:http://www.securityfocus.com/bid/91830  View
785344 91404 CVE-2016-4585 SECTRACK:1036343  View

Related JVN