WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: apple

Published: 2016-09-25T10:00:00

Updated: 2017-07-29T09:57:01

Reserved: 2016-05-11T00:00:00


Link: CVE-2016-4763

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2016-09-25T10:59:57.160

Modified: 2017-07-30T01:29:06.817


Link: CVE-2016-4763

JSON object: View

cve-icon Redhat Information

No data.

CWE