CVE-2016-4592 — Uncontrolled Resource Consumption in Apple IOS

CWE-400 — Uncontrolled Resource Consumption6 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

1.7%

top 17.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Webkitgtk Apple IOS Apple Safari +1 more

Timeline

PublishedJul 22

Latest updateMay 14

Description

WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶Appleapple/tvos9.2.2

▶Appleapple/safari9.1.2

▶NVDwebkitgtk/webkitgtk< 2.10.5

▶Appleapple/ios9.3.3

🔴Vulnerability Details

GHSA

GHSA-94vh-jmgr-25ww: WebKit in Apple iOS before 9↗2022-05-14

▶

OSV

CVE-2016-4592: WebKit in Apple iOS before 9↗2016-07-22

▶

📋Vendor Advisories

Apple

CVE-2016-4592: iOS 9.3.3↗2016-07-18

▶

Apple

CVE-2016-4592: tvOS 9.2.2↗2016-07-18

▶

Apple

CVE-2016-4592: Safari 9.1.2↗2016-07-18

▶