ALT-PU-2016-1288-1
Package libwebkitgtk4 updated to version 2.12.0-alt1 for branch sisyphus in task 162032.
Closed vulnerabilities
Published: 2016-05-20
BDU:2016-01450
Уязвимость операционной системы iOS и браузера Safari, позволяющая нарушителю получить конфиденциальную информацию
Severity: MEDIUM (4.3)
References:
Published: 2016-05-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-1858
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References:
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-1
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-2
- APPLE-SA-2016-05-16-5
- APPLE-SA-2016-05-16-5
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- 20160530 WebKitGTK+ Security Advisory WSA-2016-0004
- 20160530 WebKitGTK+ Security Advisory WSA-2016-0004
- 1035888
- 1035888
- https://support.apple.com/HT206564
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
- https://support.apple.com/HT206568