The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2016/May/msg00001.html | Mailing List Vendor Advisory |
http://lists.apple.com/archives/security-announce/2016/May/msg00002.html | Mailing List Vendor Advisory |
http://lists.apple.com/archives/security-announce/2016/May/msg00005.html | Mailing List Vendor Advisory |
http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html | Third Party Advisory VDB Entry |
http://www.securityfocus.com/archive/1/538522/100/0/threaded | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1035888 | Third Party Advisory VDB Entry |
http://www.zerodayinitiative.com/advisories/ZDI-16-352 | Third Party Advisory VDB Entry |
https://support.apple.com/HT206564 | Vendor Advisory |
https://support.apple.com/HT206565 | Vendor Advisory |
https://support.apple.com/HT206568 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2016-05-20T10:00:00
Updated: 2018-10-09T18:57:01
Reserved: 2016-01-13T00:00:00
Link: CVE-2016-1859
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-05-20T11:00:13.413
Modified: 2019-03-25T17:34:53.520
Link: CVE-2016-1859
JSON object: View
Redhat Information
No data.
CWE