CVE-2016-4657 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-4657 PUBLISHED KEV

WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

EPSS 77.13% · 99.0th percentile

Risk Scores

EPSS Score

77.13%

99.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	webkitgtk	2.4.10-0ubuntu1, 2.4.9-2ubuntu2, 0
Ubuntu:16.04:LTS	qtwebkit-source	0, 2.3.2-0ubuntu10, 2.3.2-0ubuntu11
Ubuntu:16.04:LTS	webkit2gtk	2.10.8-1ubuntu1, 2.10.9-1ubuntu1, 2.12.5-0ubuntu0.16.04.1
Ubuntu:16.04:LTS	qtwebkit-opensource-src	5.5.1+dfsg-2ubuntu1, 5.4.2+dfsg-1ubuntu2.1, 0

Timeline

Aug 25, 2016 CVE Published
Aug 25, 2016 PoC Published
Aug 25, 2016 PoC Published
Aug 26, 2016 PoC Published
Nov 7, 2016 PoC Published
Mar 1, 2018 PoC Published
Jun 4, 2018 PoC Published
Jun 4, 2018 PoC Published
Jun 5, 2018 PoC Published
Sep 19, 2018 PoC Published
Oct 9, 2020 PoC Published
Feb 4, 2022 EPSS Score

References

https://ubuntu.com/security/CVE-2016-4657 third-party-advisory
http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html third-party-advisory
https://support.apple.com/HT207107 third-party-advisory
https://webkitgtk.org/security/WSA-2016-0006.html third-party-advisory
https://ubuntu.com/security/notices/USN-3166-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2016-4657 third-party-advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog third-party-advisory

Open in Interactive Console →