CVE-2016-1784

Published on: 03/23/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Certain versions of Iphone Os from Apple contain the following vulnerability:

The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site.

  • CVE-2016-1784 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 6.5 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 4.3 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE PARTIAL

CVE References

Description Tags Link
APPLE-SA-2016-03-21-3 tvOS 9.2 Mailing List
Vendor Advisory
lists.apple.com
text/html
URL Logo APPLE APPLE-SA-2016-03-21-3
About the security content of iOS 9.3 - Apple Support Vendor Advisory
support.apple.com
text/html
URL Logo CONFIRM support.apple.com/HT206166
About the security content of Safari 9.1 - Apple Support Vendor Advisory
support.apple.com
text/html
URL Logo CONFIRM support.apple.com/HT206171
APPLE-SA-2016-03-21-1 iOS 9.3 Mailing List
Vendor Advisory
lists.apple.com
text/html
URL Logo APPLE APPLE-SA-2016-03-21-1
Apple iOS Multiple Flaws Let Remote Users Execute Arbitrary Code and Let Remote and Local Users Obtain Potentially Sensitive Information - SecurityTracker Third Party Advisory
VDB Entry
www.securitytracker.com
text/html
URL Logo SECTRACK 1035353
APPLE-SA-2016-03-21-6 Safari 9.1 Mailing List
Vendor Advisory
lists.apple.com
text/html
URL Logo APPLE APPLE-SA-2016-03-21-6
About the security content of tvOS 9.2 - Apple Support Vendor Advisory
support.apple.com
text/html
URL Logo CONFIRM support.apple.com/HT206169

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
AppleIphone OsAllAllAllAll
Operating
System
AppleIphone OsAllAllAllAll
ApplicationAppleSafariAllAllAllAll
ApplicationAppleSafariAllAllAllAll
Operating
System
AppleTvosAllAllAllAll
Operating
System
AppleTvosAllAllAllAll
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*: