Apple Information for VU#905344

HTTP CONNECT and 407 Proxy Authentication Required messages are not integrity protected



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References


WebKit and WebKit-based applications and browsers are affected. Apple has assigned CVE-2016-4642, CVE-2016-4643, and CVE-2016-4644, as described in the HT206905 security bulletin. CVE-2016-7579 is described in the HT207271 bulletin.

If you have feedback, comments, or additional information about this vulnerability, please send us email.