CVE-2016-1782

CVE-2016-1782

EPSS 1.6%

WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that specify a TCP port number, which allows remote attackers to bypass intended port restrictions via a crafted web site.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html https://support.apple.com/HT206166 https://support.apple.com/HT206171 http://www.securityfocus.com/archive/1/537948/100/0/threaded http://www.securitytracker.com/id/1035353