CVE-2016-1771 — Apple Safari vulnerability

CWE-193 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.5%

top 34.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedMar 24

Latest updateMay 17

Description

The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDapple/safari9.0.3

▶Appleapple/safari9.1

🔴Vulnerability Details

GHSA

GHSA-2fx6-wf22-3rf5: The Downloads feature in Apple Safari before 9↗2022-05-17

▶

📋Vendor Advisories

Apple

CVE-2016-1771: Safari 9.1↗

▶