CVE-2016-4613

MEDIUM

Description

An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.

References

http://www.securityfocus.com/bid/93949

http://www.securitytracker.com/id/1037139

https://support.apple.com/HT207270

https://support.apple.com/HT207272

https://support.apple.com/HT207273

https://support.apple.com/HT207274

Details

Source: MITRE

Published: 2017-02-20

Updated: 2017-07-29

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (6 total)

ID	Name	Product	Family	Severity
96406	Ubuntu 16.04 LTS : webkit2gtk vulnerabilities (USN-3166-1)	Nessus	Ubuntu Local Security Checks	high
95411	macOS : Apple Safari < 10.0.1 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
94934	Apple iTunes < 12.5.2 Multiple Vulnerabilities (Uncredentialed Check)	Nessus	Peer-To-Peer File Sharing	high
94915	Apple iTunes < 12.5.2 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
9757	Apple TV < 10.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Internet Services	high
94337	Apple TV < 10.0.1 Multiple Vulnerabilities	Nessus	Misc.	high

CVE-2016-4613

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Tenable Plugins