CVE-2016-6231

Name of the Vulnerable Software and Affected Versions Kaspersky Safe Browser iOS versions prior to 1.7.0

Description The issue is related to the lack of verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. This can enable a remote attacker to gain confidential information by exploiting the vulnerability with a specially formed certificate.

Recommendations For versions prior to 1.7.0, update to version 1.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information when using the affected browser version until the update is applied.