CVE-2016-4646

2016-07-2201:00:00

apple

www.cve.org

AI Score

6.4

Confidence

High

EPSS

0.07

Percentile

94.1%

JSON

Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.

References

lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

www.securityfocus.com/bid/91824

www.securitytracker.com/id/1036348

zerodayinitiative.com/advisories/ZDI-16-439/

support.apple.com/HT206903