CVE-2016-1764

CVE-2016-1764

EPSS 2.6%

The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html https://support.apple.com/HT206167 http://www.securitytracker.com/id/1035363