QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1728

Published: Feb 1, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html

x_refsource_MISC

vdb-entry

x_refsource_BID

20160311 WebKitGTK+ Security Advisory WSA-2016-0002

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_SECTRACK

https://support.apple.com/HT205730

x_refsource_CONFIRM

APPLE-SA-2016-01-19-1

vendor-advisory

x_refsource_APPLE

vendor-advisory

x_refsource_GENTOO

https://support.apple.com/HT205732

x_refsource_CONFIRM

APPLE-SA-2016-01-19-3

vendor-advisory

x_refsource_APPLE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.