← back
CVE-2016-1785

CVE-2016-1785

EPSS 1.5%
The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2016/Mar/msg00005.htmlhttps://support.apple.com/HT206166https://support.apple.com/HT206171http://www.securityfocus.com/archive/1/537948/100/0/threadedhttp://www.securitytracker.com/id/1035353