Published: 20/02/2017 Updated: 29/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

An issue exists in certain Apple products. Safari prior to 10.0.1 is affected. iCloud prior to 6.0.1 is affected. iTunes prior to 12.5.2 is affected. tvOS prior to 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote malicious users to obtain sensitive information via a crafted web site.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple safari
apple icloud
apple itunes
apple apple tv 10.0.0

Several security issues were fixed in WebKitGTK+ ...

DROWN-ing Xcode developer? Apple's thrown you a lifebelt

The Register • Richard Chirgwin • 30 Oct 2016

iCloud and iTunes on Windows also need patching

Apple has published security updates for Xcode, iCloud for Windows, and iTunes for Windows. Xcode 8.1 plugs holes the Xcode server inherited from Chrome, OpenSSL and node.js. Apple's announcement is here. There's a bunch of OpenSSL patches to start with: CVE-2015-6764 and CVE-2016-1669 are bugs inherited from Google Chrome code. CVE-2016-2086, CVE-2016-2216 and CVE-2015-8027 splat bugs in node.js. Cupertino has also updated iCloud for Windows against two bugs: CVE-2016-4613, reported by Google s...

CVE-2016-4613

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect