CVE-2016-4758 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-4758 Interim 1 3 2021-06-09T12:42:51Z current 2021-05-30T13:42:25Z 2021-06-09T12:42:51Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-4758 WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site. CVE-2016-4758 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N