CVE-2016-1782: WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that specify a TCP port number, which allows remote attackers to…

CVE-2016-1782 [MEDIUM] CVE-2016-1782: Safari 9.1 Apple Security Update: About the security content of Safari 9.1 Product: Safari Version: 9.1 CVE: CVE-2016-1782 Component: CVE-ID

CVE-2016-1782 [MEDIUM] CVE-2016-1782: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1782 Component: CVE-ID

CVE-2016-1782 [MEDIUM] CWE-284 GHSA-q6q9-w26g-c8vj: WebKit in Apple iOS before 9 WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that specify a TCP port number, which allows remote attackers to bypass intended port restrictions via a crafted web site.

CVE-2016-1782 [MEDIUM] CVE-2016-1782: WebKit in Apple iOS before 9 WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that specify a TCP port number, which allows remote attackers to bypass intended port restrictions via a crafted web site.

[MEDIUM] Port banning can be bypassed with 30x redirect Port banning can be bypassed with 30x redirect User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.48 Safari/537.36 Steps to reproduce: Port banning can be bypassed with 30x redirect Firefox for iOS has port banning feature but it can be bypassed by following two ways. #1. Tap "Try again" or reload button on a port error screen Navigate to a banned port of a target host e.g., http://alice.csrf.jp:143. Here port 143 is a known port of IMAP so Firefox shows a "restricted port error" screen instead. However, if you tap "Try again" button or reload icon on a error screen Firefox sends a GET request to the port and shows a response. Note that it doesn't reproduce on other major browsers on iOS e.g., Safari or Chrome. #2. Access a r