VYPR
Medium severity6.5NVD Advisory· Published Sep 25, 2016· Updated Jun 17, 2026

CVE-2016-4760

CVE-2016-4760

Description

WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 support.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Apple Inc./iTunes2 versions
    cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*range: <=12.4.3
    • (no CPE)range: <12.5.1
  • Apple Inc./Safari2 versions
    cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <=9.1.3
    • (no CPE)range: <10
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <=9.3.5
  • Apple Inc./iOSllm-fuzzy
    Range: <10

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.