CVE-2016-1785
N/A
N/A
Summary
The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html
- http://www.securitytracker.com/id/1035353
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
- http://www.securityfocus.com/archive/1/537948/100/0/threaded
- https://support.apple.com/HT206171
- https://support.apple.com/HT206166
References
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html
- http://www.securitytracker.com/id/1035353
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
- http://www.securityfocus.com/archive/1/537948/100/0/threaded
- https://support.apple.com/HT206171
- https://support.apple.com/HT206166
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.