Medium severity6.5NVD Advisory· Published Sep 25, 2016· Updated Jun 17, 2026
CVE-2016-4760
CVE-2016-4760
Description
WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 support.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*range: <=12.4.3
- (no CPE)range: <12.5.1
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <=9.1.3
- (no CPE)range: <10
- Range: <10
Patches
Vulnerability mechanics
References
8- lists.apple.com/archives/security-announce/2016/Sep/msg00007.htmlnvdMailing ListVendor Advisory
- lists.apple.com/archives/security-announce/2016/Sep/msg00008.htmlnvdMailing ListVendor Advisory
- lists.apple.com/archives/security-announce/2016/Sep/msg00012.htmlnvdMailing ListVendor Advisory
- support.apple.com/HT207143nvdVendor Advisory
- support.apple.com/HT207157nvdVendor Advisory
- support.apple.com/HT207158nvdVendor Advisory
- www.securityfocus.com/bid/93066nvd
- www.securitytracker.com/id/1036854nvd
News mentions
0No linked articles in our index yet.