CVE-2016-4583: WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date…

CVE-2016-1854 WebKitGTK+ vulnerabilities Title: WebKitGTK+ vulnerabilities Summary: Several security issues were fixed in WebKitGTK+. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Instructions: This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.

CVE-2016-4583 [LOW] CVE-2016-4583: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4583 Component: WebKit Impact: Visiting a malicious website may disclose image data from another website Description: A timing issue existed in the processing of SVG. This issue was addressed through improved validation.

CVE-2016-4583 [LOW] CVE-2016-4583: Safari 9.1.2 Apple Security Update: About the security content of Safari 9.1.2 Product: Safari Version: 9.1.2 CVE: CVE-2016-4583 Component: WebKit Impact: Visiting a malicious website may disclose image data from another website Description: A timing issue existed in the processing of SVG. This issue was addressed through improved validation.

CVE-2016-4583 [LOW] CVE-2016-4583: tvOS 9.2.2 Apple Security Update: About the security content of tvOS 9.2.2 Product: tvOS Version: 9.2.2 CVE: CVE-2016-4583 Component: WebKit Impact: Processing maliciously crafted web content may disclose image data from another website Description: A timing issue existed in the processing of SVG. This issue was addressed through improved validation.

CVE-2016-4583 [LOW] CWE-362 GHSA-prfv-fm4x-p4rr: WebKit in Apple iOS before 9 WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.

CVE-2016-4583 [LOW] CVE-2016-4583: WebKit in Apple iOS before 9 WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.