Vulnerability Details : CVE-2016-4603
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior.
Products affected by CVE-2016-4603
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4603
0.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4603
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST | |
|
4.3
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
2.8
|
1.4
|
NIST |
CWE ids for CVE-2016-4603
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4603
-
https://support.apple.com/HT206902
About the security content of iOS 9.3.3 - Apple SupportVendor Advisory
-
http://www.securitytracker.com/id/1036344
Apple iOS Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service and Let Remote and Local Users Obtain Potentially Sensitive Information - SecurityTracker
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
Apple - Lists.apple.comMailing List
-
http://www.securityfocus.com/bid/91825
Apple iOS APPLE-SA-2016-07-18-2 Multiple Security Vulnerabilities
Jump to