CVE-2016-1849
Apple Security Advisory 2016-05-16-5
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory.
La función "Clear History and Website Data" en Apple Safari en versiones anteriores a 9.1.1, cómo se utiliza en iOS en versiones anteriores a 9.3.2 y otros productos, no maneja correctamente el borrado del historial de navegación, lo que podría permitir a usuarios locales obtener información sensible aprovechando el acceso de lectura a un directorio de Safari.
Safari 9.1.1 is now available and addresses history deletion, data disclosure, code execution, and various other vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-01-13 CVE Reserved
- 2016-05-17 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1035888 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2016/May/msg00002.html | 2016-12-01 | |
| http://lists.apple.com/archives/security-announce/2016/May/msg00005.html | 2016-12-01 | |
| https://support.apple.com/HT206565 | 2016-12-01 | |
| https://support.apple.com/HT206568 | 2016-12-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Safari Search vendor "Apple" for product "Safari" | <= 9.1 Search vendor "Apple" for product "Safari" and version " <= 9.1" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | <= 9.3.1 Search vendor "Apple" for product "Iphone Os" and version " <= 9.3.1" | - |
Affected
| ||||||