MEDIUM6.8
Уязвимость операционной системы iOS и браузера Safari, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
ALT-PU-2016-1335-1Package update libwebkitgtk4 in branch sisyphus
Severity:
Closed issues (6)
MEDIUM6.8
Уязвимость операционной системы iOS и браузера Safari, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:PMEDIUM6.8
Уязвимость операционной системы iOS и браузера Safari, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:PHIGH8.8
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857.
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:PCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
- http://www.zerodayinitiative.com/advisories/ZDI-16-341
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
- http://www.zerodayinitiative.com/advisories/ZDI-16-341
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
HIGH8.8
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1857.
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:PCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
- http://www.zerodayinitiative.com/advisories/ZDI-16-342
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
- http://www.zerodayinitiative.com/advisories/ZDI-16-342
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
HIGH8.8
The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:PCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
- http://www.zerodayinitiative.com/advisories/ZDI-16-352
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568
- http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
- http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html
- http://www.securityfocus.com/archive/1/538522/100/0/threaded
- http://www.securitytracker.com/id/1035888
- http://www.zerodayinitiative.com/advisories/ZDI-16-352
- https://support.apple.com/HT206564
- https://support.apple.com/HT206565
- https://support.apple.com/HT206568