{"apple": [{"lastseen": "2021-11-10T17:01:15", "description": "# About the security content of iOS 10\n\nThis document describes the security content of iOS 10.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iOS 10\n\nReleased September 13, 2016\n\n**AppleMobileFileIntegrity**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A local application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in the task port inheritance policy. This issue was addressed through improved validation of the process entitlement and Team ID.\n\nCVE-2016-4698: Pedro Vila\u00e7a\n\nEntry added September 20, 2016\n\n**Assets**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker in a privileged network position may be able to block a device from receiving software updates\n\nDescription: An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed by using HTTPS for software updates.\n\nCVE-2016-4741: Raul Siles of DinoSec\n\n**Audio**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University\n\nEntry added September 20, 2016\n\n**Certificate Trust Policy**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Update to the certificate trust policy\n\nDescription: The certificate trust policy was updated. The complete list of certificates may be viewed at <https://support.apple.com/kb/HT204132>.\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A local user may be able to discover websites a user has visited\n\nDescription: An issue existed in Local Storage deletion. This issue was addressed through improved Local Storage cleanup.\n\nCVE-2016-4707: an anonymous researcher\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\nEntry added September 20, 2016\n\n**CommonCrypto**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application using CCrypt may disclose sensitive plaintext if the output and input buffer are the same\n\nDescription: An input validation issue existed in corecrypto. This issue was addressed through improved input validation.\n\nCVE-2016-4711: Max Lohrmann\n\nEntry added September 20, 2016\n\n**CoreCrypto**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\nEntry added September 20, 2016\n\n**FontParser**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files.\n\nThis issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\nEntry added September 20, 2016\n\n**GeoServices**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to read sensitive location information\n\nDescription: A permissions issue existed in PlaceData. This issue was addressed through improved permission validation.\n\nCVE-2016-4719: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)\n\n**IDS - Connectivity**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker in a privileged network position may be able to cause a denial of service\n\nDescription: A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.\n\nCVE-2016-4722: Martin Vigo (@martin_vigo) of salesforce.com\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A null pointer dereference was addressed through improved input validation.\n\nCVE-2016-4724: Cererdlong, Eakerqiu of Team OverSky\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc.\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: an anonymous researcher\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A local application may be able to access restricted files\n\nDescription: A parsing issue in the handling of directory paths was addressed through improved path validation.\n\nCVE-2016-4771: Balazs Bucsay, Research Director of MRG Effitas\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\nEntry added September 20, 2016\n\n**Keyboards**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Keyboard auto correct suggestions may reveal sensitive information\n\nDescription: The iOS keyboard was inadvertently caching sensitive information. This issue was addressed through improved heuristics.\n\nCVE-2016-4746: Antoine M of France\n\n**libxml2**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**libxslt**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**Mail**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker with a privileged network position may be able to intercept mail credentials\n\nDescription: An issue existed when handling untrusted certificates. This was addressed by terminating untrusted connections.\n\nCVE-2016-4747: Dave Aitel\n\n**Messages**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Messages may be visible on a device that has not signed in to Messages\n\nDescription: An issue existed when using Handoff for Messages. This issue was resolved via better state management.\n\nCVE-2016-4740: Step Wallace\n\n**Printing UIKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An unencrypted document may be written to a temporary file when using AirPrint preview\n\nDescription: An issue existed in AirPrint preview. This was addressed through improved environment sanitization.\n\nCVE-2016-4749: Scott Alexander (@gooshy)\n\nEntry updated September 12, 2018\n\n**S2 Camera**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4750: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative\n\nEntry added September 20, 2016\n\n**Safari Reader**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting\n\nDescription: Multiple validation issues were addressed through improved input sanitization.\n\nCVE-2016-4618: Erling Ellingsen\n\nEntry added September 20, 2016 and updated September 23, 2016.\n\n**Sandbox Profiles**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A malicious application may be able to determine whom a user is texting\n\nDescription: An access control issue existed in SMS draft directories. This issue was addressed by preventing apps from stat'ing the affected directories.\n\nCVE-2016-4620: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)\n\n**Security**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\nEntry added September 20, 2016\n\n**Springboard**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Sensitive data may be exposed in application snapshots presented in the Task Switcher\n\nDescription: An issue existed in Springboard which displayed cached snapshots containing sensitive data in the Task Switcher. This issue was addressed by displaying updated snapshots.\n\nCVE-2016-7759: Fatma Y\u0131lmaz of Ptt Genel M\u00fcd\u00fcrl\u00fc\u011f\u00fc from Ankara\n\nEntry added January 17, 2017\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Visiting a maliciously crafted website may leak sensitive data\n\nDescription: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.\n\nCVE-2016-4758: Masato Kinugawa of Cure53\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4611: Apple\n\nCVE-2016-4729: Apple\n\nCVE-2016-4730: Apple\n\nCVE-2016-4731: Apple\n\nCVE-2016-4734: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4735: Andr\u00e9 Bargull\n\nCVE-2016-4737: Apple\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A malicious website may be able to access non-HTTP services\n\nDescription: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.\n\nCVE-2016-4760: Jordan Milne\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4733: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4765: Apple\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.\n\nCVE-2016-4763: an anonymous researcher\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: September 12, 2018\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-13T00:00:00", "type": "apple", "title": "About the security content of iOS 10", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4618", "CVE-2016-4620", "CVE-2016-4658", "CVE-2016-4698", "CVE-2016-4702", "CVE-2016-4707", "CVE-2016-4708", "CVE-2016-4711", "CVE-2016-4712", "CVE-2016-4718", "CVE-2016-4719", "CVE-2016-4722", "CVE-2016-4724", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4728", "CVE-2016-4729", "CVE-2016-4730", "CVE-2016-4731", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4737", "CVE-2016-4738", "CVE-2016-4740", "CVE-2016-4741", "CVE-2016-4746", "CVE-2016-4747", "CVE-2016-4749", "CVE-2016-4750", "CVE-2016-4753", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4771", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778", "CVE-2016-5131", "CVE-2016-7759"], "modified": "2016-09-13T00:00:00", "id": "APPLE:E9669457A392F3841155FA0993A498A4", "href": "https://support.apple.com/kb/HT207143", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:52", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iOS 10\n\nReleased September 13, 2016\n\n**AppleMobileFileIntegrity**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A local application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in the task port inheritance policy. This issue was addressed through improved validation of the process entitlement and Team ID.\n\nCVE-2016-4698: Pedro Vila\u00e7a\n\nEntry added September 20, 2016\n\n**Assets**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker in a privileged network position may be able to block a device from receiving software updates\n\nDescription: An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed by using HTTPS for software updates.\n\nCVE-2016-4741: Raul Siles of DinoSec\n\n**Audio**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University\n\nEntry added September 20, 2016\n\n**Certificate Trust Policy**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Update to the certificate trust policy\n\nDescription: The certificate trust policy was updated. The complete list of certificates may be viewed at <https://support.apple.com/kb/HT204132>.\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A local user may be able to discover websites a user has visited\n\nDescription: An issue existed in Local Storage deletion. This issue was addressed through improved Local Storage cleanup.\n\nCVE-2016-4707: an anonymous researcher\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\nEntry added September 20, 2016\n\n**CommonCrypto**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application using CCrypt may disclose sensitive plaintext if the output and input buffer are the same\n\nDescription: An input validation issue existed in corecrypto. This issue was addressed through improved input validation.\n\nCVE-2016-4711: Max Lohrmann\n\nEntry added September 20, 2016\n\n**CoreCrypto**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\nEntry added September 20, 2016\n\n**FontParser**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files.\n\nThis issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\nEntry added September 20, 2016\n\n**GeoServices**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to read sensitive location information\n\nDescription: A permissions issue existed in PlaceData. This issue was addressed through improved permission validation.\n\nCVE-2016-4719: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)\n\n**IDS - Connectivity**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker in a privileged network position may be able to cause a denial of service\n\nDescription: A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.\n\nCVE-2016-4722: Martin Vigo (@martin_vigo) of salesforce.com\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A null pointer dereference was addressed through improved input validation.\n\nCVE-2016-4724: Cererdlong, Eakerqiu of Team OverSky\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc.\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: an anonymous researcher\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A local application may be able to access restricted files\n\nDescription: A parsing issue in the handling of directory paths was addressed through improved path validation.\n\nCVE-2016-4771: Balazs Bucsay, Research Director of MRG Effitas\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\nEntry added September 20, 2016\n\n**Keyboards**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Keyboard auto correct suggestions may reveal sensitive information\n\nDescription: The iOS keyboard was inadvertently caching sensitive information. This issue was addressed through improved heuristics.\n\nCVE-2016-4746: Antoine M of France\n\n**libxml2**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**libxslt**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**Mail**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker with a privileged network position may be able to intercept mail credentials\n\nDescription: An issue existed when handling untrusted certificates. This was addressed by terminating untrusted connections.\n\nCVE-2016-4747: Dave Aitel\n\n**Messages**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Messages may be visible on a device that has not signed in to Messages\n\nDescription: An issue existed when using Handoff for Messages. This issue was resolved via better state management.\n\nCVE-2016-4740: Step Wallace\n\n**Printing UIKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An unencrypted document may be written to a temporary file when using AirPrint preview\n\nDescription: An issue existed in AirPrint preview. This was addressed through improved environment sanitization.\n\nCVE-2016-4749: Scott Alexander (@gooshy)\n\nEntry updated September 12, 2018\n\n**S2 Camera**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4750: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative\n\nEntry added September 20, 2016\n\n**Safari Reader**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting\n\nDescription: Multiple validation issues were addressed through improved input sanitization.\n\nCVE-2016-4618: Erling Ellingsen\n\nEntry added September 20, 2016 and updated September 23, 2016.\n\n**Sandbox Profiles**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A malicious application may be able to determine whom a user is texting\n\nDescription: An access control issue existed in SMS draft directories. This issue was addressed by preventing apps from stat'ing the affected directories.\n\nCVE-2016-4620: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)\n\n**Security**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\nEntry added September 20, 2016\n\n**Springboard**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Sensitive data may be exposed in application snapshots presented in the Task Switcher\n\nDescription: An issue existed in Springboard which displayed cached snapshots containing sensitive data in the Task Switcher. This issue was addressed by displaying updated snapshots.\n\nCVE-2016-7759: Fatma Y\u0131lmaz of Ptt Genel M\u00fcd\u00fcrl\u00fc\u011f\u00fc from Ankara\n\nEntry added January 17, 2017\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Visiting a maliciously crafted website may leak sensitive data\n\nDescription: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.\n\nCVE-2016-4758: Masato Kinugawa of Cure53\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4611: Apple\n\nCVE-2016-4729: Apple\n\nCVE-2016-4730: Apple\n\nCVE-2016-4731: Apple\n\nCVE-2016-4734: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4735: Andr\u00e9 Bargull\n\nCVE-2016-4737: Apple\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: A malicious website may be able to access non-HTTP services\n\nDescription: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.\n\nCVE-2016-4760: Jordan Milne\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4733: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4765: Apple\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.\n\nCVE-2016-4763: an anonymous researcher\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-12T09:13:10", "title": "About the security content of iOS 10 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762", "CVE-2016-4767", "CVE-2016-4734", "CVE-2016-4759", "CVE-2016-4733", "CVE-2016-4741", "CVE-2016-4750", "CVE-2016-7759", "CVE-2016-4730", "CVE-2016-4737", "CVE-2016-4722", "CVE-2016-4753", "CVE-2016-4773", "CVE-2016-4712", "CVE-2016-4708", "CVE-2016-4747", "CVE-2016-4731", "CVE-2016-4768", "CVE-2016-4728", "CVE-2016-4618", "CVE-2016-4740", "CVE-2016-4729", "CVE-2016-4749", "CVE-2016-4611", "CVE-2016-4776", "CVE-2016-4711", "CVE-2016-4719", "CVE-2016-4698", "CVE-2016-4758", "CVE-2016-4707", "CVE-2016-5131", "CVE-2016-4718", "CVE-2016-4777", "CVE-2016-4763", "CVE-2016-4766", "CVE-2016-4764", "CVE-2016-4738", "CVE-2016-4724", "CVE-2016-4735", "CVE-2016-4725", "CVE-2016-4772", "CVE-2016-4746", "CVE-2016-4771", "CVE-2016-4760", "CVE-2016-4726", "CVE-2016-4658", "CVE-2016-4620", "CVE-2016-4774", "CVE-2016-4778", "CVE-2016-4702", "CVE-2016-4765"], "modified": "2018-09-12T09:13:10", "id": "APPLE:HT207143", "href": "https://support.apple.com/kb/HT207143", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:30", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## tvOS 10\n\nReleased September 13, 2016\n\n**Audio**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\nEntry added September 20, 2016\n\n**CoreCrypto**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\nEntry added September 20, 2016\n\n**FontParser**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc.\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: an anonymous researcher\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A local user may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4775: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\nEntry added September 20, 2016\n\n**libxml2**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**libxslt**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**Security**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4611: Apple\n\nCVE-2016-4730: Apple\n\nCVE-2016-4734: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4735: Andr\u00e9 Bargull\n\nCVE-2016-4737: Apple\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4733: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4765: Apple\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-23T05:36:09", "title": "About the security content of tvOS 10 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4767", "CVE-2016-4734", "CVE-2016-4759", "CVE-2016-4733", "CVE-2016-4730", "CVE-2016-4737", "CVE-2016-4753", "CVE-2016-4773", "CVE-2016-4712", "CVE-2016-4708", "CVE-2016-4768", "CVE-2016-4728", "CVE-2016-4611", "CVE-2016-4776", "CVE-2016-5131", "CVE-2016-4718", "CVE-2016-4777", "CVE-2016-4766", "CVE-2016-4764", "CVE-2016-4738", "CVE-2016-4735", "CVE-2016-4725", "CVE-2016-4772", "CVE-2016-4726", "CVE-2016-4658", "CVE-2016-4775", "CVE-2016-4774", "CVE-2016-4778", "CVE-2016-4702", "CVE-2016-4765"], "modified": "2017-01-23T05:36:09", "id": "APPLE:HT207142", "href": "https://support.apple.com/kb/HT207142", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-26T19:33:27", "description": "# About the security content of tvOS 10\n\nThis document describes the security content of tvOS 10.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## tvOS 10\n\nReleased September 13, 2016\n\n**Audio**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\nEntry added September 20, 2016\n\n**CoreCrypto**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\nEntry added September 20, 2016\n\n**FontParser**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc.\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: an anonymous researcher\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A local user may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4775: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\nEntry added September 20, 2016\n\n**libxml2**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**libxslt**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**Security**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4611: Apple\n\nCVE-2016-4730: Apple\n\nCVE-2016-4734: natashenka of Google Project Zero\n\nCVE-2016-4735: Andr\u00e9 Bargull\n\nCVE-2016-4737: Apple\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4733: natashenka of Google Project Zero\n\nCVE-2016-4765: Apple\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-13T00:00:00", "type": "apple", "title": "About the security content of tvOS 10", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4658", "CVE-2016-4702", "CVE-2016-4708", "CVE-2016-4712", "CVE-2016-4718", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4728", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4737", "CVE-2016-4738", "CVE-2016-4753", "CVE-2016-4759", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4775", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778", "CVE-2016-5131"], "modified": "2016-09-13T00:00:00", "id": "APPLE:6748E384E7BA13DBCB2C35FCC0D241F7", "href": "https://support.apple.com/kb/HT207142", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:34", "description": "For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## watchOS 3\n\nReleased September 13, 2016\n\n**Audio**\n\nAvailable for: All Apple Watch models\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\nEntry added September 20, 2016\n\n**CoreCrypto**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\nEntry added September 20, 2016\n\n**FontParser**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\nEntry added September 20, 2016\n\n**GeoServices**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to read sensitive location information\n\nDescription: A permissions issue existed in PlaceData. This issue was addressed through improved permission validation.\n\nCVE-2016-4719: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)\n\n**IOAcceleratorFamily**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc.\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: An anonymous researcher\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: A local user may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4775: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\nEntry added September 20, 2016\n\n**libxml2**\n\nAvailable for: All Apple Watch models\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**libxslt**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**Security**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4737: Apple\n\nEntry added September 20, 2016\n\n**Wi-Fi Manager**\n\n****Available for: All Apple Watch models\n\nImpact: App extensions may obtain internet access\n\nDescription: Multiple policy enforcement issues with Wi-Fi sharing. These issues were addressed with improved entitlement checks.\n\nCVE-2016-7699: Proteas of Qihoo 360 Nirvan Team\n\nEntry added May 17, 2017\n", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-07-27T08:13:37", "title": "About the security content of watchOS 3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4737", "CVE-2016-4753", "CVE-2016-4773", "CVE-2016-4712", "CVE-2016-4708", "CVE-2016-4776", "CVE-2016-4719", "CVE-2016-5131", "CVE-2016-4718", "CVE-2016-4777", "CVE-2016-4738", "CVE-2016-4725", "CVE-2016-4772", "CVE-2016-4726", "CVE-2016-4658", "CVE-2016-4775", "CVE-2016-4774", "CVE-2016-4778", "CVE-2016-4702", "CVE-2016-7699"], "modified": "2020-07-27T08:13:37", "id": "APPLE:HT207141", "href": "https://support.apple.com/kb/HT207141", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T03:29:59", "description": "# About the security content of watchOS 3\n\nThis document describes the security content of watchOS 3.\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## watchOS 3\n\nReleased September 13, 2016\n\n**Audio**\n\nAvailable for: All Apple Watch models\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University\n\nEntry added September 20, 2016\n\n**CFNetwork**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\nEntry added September 20, 2016\n\n**CoreCrypto**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\nEntry added September 20, 2016\n\n**FontParser**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\nEntry added September 20, 2016\n\n**GeoServices**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to read sensitive location information\n\nDescription: A permissions issue existed in PlaceData. This issue was addressed through improved permission validation.\n\nCVE-2016-4719: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)\n\n**IOAcceleratorFamily**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc.\n\nEntry added September 20, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: An anonymous researcher\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: A local user may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4775: Brandon Azad\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\nEntry added September 20, 2016\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\nEntry added September 20, 2016\n\n**libxml2**\n\nAvailable for: All Apple Watch models\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**libxslt**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\nEntry added September 20, 2016\n\n**Security**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4737: Apple\n\nEntry added September 20, 2016\n\n**Wi-Fi Manager**\n\n****Available for: All Apple Watch models\n\nImpact: App extensions may obtain internet access\n\nDescription: Multiple policy enforcement issues with Wi-Fi sharing. These issues were addressed with improved entitlement checks.\n\nCVE-2016-7699: Proteas of Qihoo 360 Nirvan Team\n\nEntry added May 17, 2017\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 27, 2020\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-13T00:00:00", "type": "apple", "title": "About the security content of watchOS 3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2016-4702", "CVE-2016-4708", "CVE-2016-4712", "CVE-2016-4718", "CVE-2016-4719", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4737", "CVE-2016-4738", "CVE-2016-4753", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4775", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778", "CVE-2016-5131", "CVE-2016-7699"], "modified": "2016-09-13T00:00:00", "id": "APPLE:D5F409F7AFA37FCEB99438F892D4A5CB", "href": "https://support.apple.com/kb/HT207141", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T19:31:36", "description": "# About the security content of Safari 10\n\nThis document describes the security content of Safari 10.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## Safari 10\n\nReleased September 20, 2016\n\n**Safari Reader**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting\n\nDescription: Multiple validation issues were addressed through improved input sanitization.\n\nCVE-2016-4618: Erling Ellingsen\n\nEntry updated September 23, 2016\n\n**Safari Tabs**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A state management issue existed in the handling of tab sessions. This issue was addressed through session state management.\n\nCVE-2016-4751: Daniel Chatfield of Monzo Bank\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Visiting a maliciously crafted website may leak sensitive data\n\nDescription: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.\n\nCVE-2016-4758: Masato Kinugawa of Cure53\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4611: Apple\n\nCVE-2016-4729: Apple\n\nCVE-2016-4730: Apple\n\nCVE-2016-4731: Apple\n\nCVE-2016-4734: natashenka of Google Project Zero\n\nCVE-2016-4735: Andr\u00e9 Bargull\n\nCVE-2016-4737: Apple\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nCVE-2016-4769: Tongbo Luo of Palo Alto Networks\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: A malicious website may be able to access non-HTTP services\n\nDescription: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.\n\nCVE-2016-4760: Jordan Milne\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4733: natashenka of Google Project Zero\n\nCVE-2016-4765: Apple\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.\n\nCVE-2016-4763: an anonymous researcher\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 6.0}, "published": "2016-09-20T00:00:00", "type": "apple", "title": "About the security content of Safari 10", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4618", "CVE-2016-4728", "CVE-2016-4729", "CVE-2016-4730", "CVE-2016-4731", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4737", "CVE-2016-4751", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769"], "modified": "2016-09-20T00:00:00", "id": "APPLE:E8A8DC8CCD4F1D9B949D4589378AF1BF", "href": "https://support.apple.com/kb/HT207157", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:41:55", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## Safari 10\n\nReleased September 20, 2016\n\n**Safari Reader**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting\n\nDescription: Multiple validation issues were addressed through improved input sanitization.\n\nCVE-2016-4618: Erling Ellingsen\n\nEntry updated September 23, 2016\n\n**Safari Tabs**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A state management issue existed in the handling of tab sessions. This issue was addressed through session state management.\n\nCVE-2016-4751: Daniel Chatfield of Monzo Bank\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Visiting a maliciously crafted website may leak sensitive data\n\nDescription: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.\n\nCVE-2016-4758: Masato Kinugawa of Cure53\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4611: Apple\n\nCVE-2016-4729: Apple\n\nCVE-2016-4730: Apple\n\nCVE-2016-4731: Apple\n\nCVE-2016-4734: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4735: Andr\u00e9 Bargull\n\nCVE-2016-4737: Apple\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nCVE-2016-4769: Tongbo Luo of Palo Alto Networks\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: A malicious website may be able to access non-HTTP services\n\nDescription: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.\n\nCVE-2016-4760: Jordan Milne\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4733: Natalie Silvanovich of Google Project Zero\n\nCVE-2016-4765: Apple\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.\n\nCVE-2016-4763: an anonymous researcher\n\n**WebKit**\n\nAvailable for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-23T05:36:07", "title": "About the security content of Safari 10 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762", "CVE-2016-4767", "CVE-2016-4734", "CVE-2016-4759", "CVE-2016-4733", "CVE-2016-4730", "CVE-2016-4737", "CVE-2016-4769", "CVE-2016-4731", "CVE-2016-4768", "CVE-2016-4728", "CVE-2016-4751", "CVE-2016-4618", "CVE-2016-4729", "CVE-2016-4611", "CVE-2016-4758", "CVE-2016-4763", "CVE-2016-4766", "CVE-2016-4764", "CVE-2016-4735", "CVE-2016-4760", "CVE-2016-4765"], "modified": "2017-01-23T05:36:07", "id": "APPLE:HT207157", "href": "https://support.apple.com/kb/HT207157", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:18", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.5.1 for Windows\n\nReleased September 13, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Visiting a maliciously crafted website may leak sensitive data\n\nDescription: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.\n\nCVE-2016-4758: Masato Kinugawa of Cure53\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may be able to access non-HTTP services\n\nDescription: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.\n\nCVE-2016-4760: Jordan Milne\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved state management.\n\nCVE-2016-4765: Apple\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.\n\nCVE-2016-4763: an anonymous researcher\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4769: Tongbo Luo of Palo Alto Networks\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Available for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-23T05:36:06", "title": "About the security content of iTunes 12.5.1 for Windows - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762", "CVE-2016-4767", "CVE-2016-4759", "CVE-2016-4769", "CVE-2016-4768", "CVE-2016-4728", "CVE-2016-4758", "CVE-2016-4763", "CVE-2016-4766", "CVE-2016-4764", "CVE-2016-4760", "CVE-2016-4765"], "modified": "2017-01-23T05:36:06", "id": "APPLE:HT207158", "href": "https://support.apple.com/kb/HT207158", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:01:01", "description": "# About the security content of iTunes 12.5.1 for Windows\n\nThis document describes the security content of iTunes 12.5.1 for Windows.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.5.1 for Windows\n\nReleased September 13, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.\n\nCVE-2016-4728: Daniel Divricean\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Visiting a maliciously crafted website may leak sensitive data\n\nDescription: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.\n\nCVE-2016-4758: Masato Kinugawa of Cure53\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4759: Tongbo Luo of Palo Alto Networks\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n\nCVE-2016-4766: Apple\n\nCVE-2016-4767: Apple\n\nCVE-2016-4768: Anonymous working with Trend Micro's Zero Day Initiative\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may be able to access non-HTTP services\n\nDescription: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.\n\nCVE-2016-4760: Jordan Milne\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved state management.\n\nCVE-2016-4765: Apple\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.\n\nCVE-2016-4763: an anonymous researcher\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4769: Tongbo Luo of Palo Alto Networks\n\nEntry added September 20, 2016\n\n**WebKit**\n\nAvailable for: Available for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved state management.\n\nCVE-2016-4764: Apple\n\nEntry added November 3, 2016\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: January 23, 2017\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-13T00:00:00", "type": "apple", "title": "About the security content of iTunes 12.5.1 for Windows", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4728", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769"], "modified": "2016-09-13T00:00:00", "id": "APPLE:E15F1D56474446ED53D46A6CF591BFD7", "href": "https://support.apple.com/kb/HT207158", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:41:42", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## macOS Sierra 10.12\n\nReleased September 20, 2016\n\n**apache**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to proxy traffic through an arbitrary server\n\nDescription: An issue existed in the handling of the HTTP_PROXY environment variable. This issue was addressed by not setting the HTTP_PROXY environment variable from CGI.\n\nCVE-2016-4694: Dominic Scheirlinck and Scott Geary of Vend\n\n**apache_mod_php**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.\n\nDescription: Multiple issues in PHP were addressed by updating PHP to version 5.6.24.\n\nCVE-2016-5768\n\nCVE-2016-5769\n\nCVE-2016-5770\n\nCVE-2016-5771\n\nCVE-2016-5772\n\nCVE-2016-5773\n\nCVE-2016-6174\n\nCVE-2016-6288\n\nCVE-2016-6289\n\nCVE-2016-6290\n\nCVE-2016-6291\n\nCVE-2016-6292\n\nCVE-2016-6294\n\nCVE-2016-6295\n\nCVE-2016-6296\n\nCVE-2016-6297\n\n**Apple HSSPI Support**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4697: Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative\n\n**AppleEFIRuntime**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A null pointer dereference was addressed through improved input validation.\n\nCVE-2016-4696: Shrek_wzw of Qihoo 360 Nirvan Team\n\n**AppleMobileFileIntegrity**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in the task port inheritance policy. This issue was addressed through improved validation of the process entitlement and Team ID.\n\nCVE-2016-4698: Pedro Vila\u00e7a\n\n**AppleUUC**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved input validation.\n\nCVE-2016-4699: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro's Zero Day Initiative\n\nCVE-2016-4700: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative\n\n**Application Firewall**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to cause a denial of service\n\nDescription: A validation issue existed in the handling of firewall prompts. This issue was addressed through improved validation of SO_EXECPATH.\n\nCVE-2016-4701: Meder Kydyraliev Google Security Team\n\n**ATS**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4779: riusksk of Tencent Security Platform Department\n\n**Audio**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University.\n\n**Bluetooth**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4703: Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\n**cd9660**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed through improved memory handling.\n\nCVE-2016-4706: Recurity Labs on behalf of BSI (German Federal Office for Information Security)\n\n**CFNetwork**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to discover websites a user has visited\n\nDescription: An issue existed in Local Storage deletion. This issue was addressed through improved Local Storage cleanup.\n\nCVE-2016-4707: an anonymous researcher\n\n**CFNetwork**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\n**CommonCrypto**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application using CCrypt may disclose sensitive plaintext if the output and input buffer are the same\n\nDescription: An input validation issue existed in corecrypto. This issue was addressed through improved input validation.\n\nCVE-2016-4711: Max Lohrmann\n\n**CoreCrypto**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\n**CoreDisplay**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A user with screen sharing access may be able to view another user's screen\n\nDescription: A session management issue existed in the handling of screen sharing sessions. This issue was addressed through improved session tracking.\n\nCVE-2016-4713: Ruggero Alberti\n\n**curl**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in curl\n\nDescription: Multiple security issues existed in curl prior to version 7.49.1. These issues were addressed by updating curl to version 7.49.1.\n\nCVE-2016-0755: Isaac Boukris\n\n**Date & Time Pref Pane**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious application may be able to determine a user's current location\n\nDescription: An issue existed in the handling of the .GlobalPreferences file. This was addressed though improved validation.\n\nCVE-2016-4715: Taiki (@Taiki__San) at ESIEA (Paris)\n\n**DiskArbitration**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to execute arbitrary code with system privileges\n\nDescription: An access issue existed in diskutil. This issue was addressed through improved permissions checking.\n\nCVE-2016-4716: Alexander Allen of The North Carolina School of Science and Mathematics\n\n**File Bookmark**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local application may be able to cause a denial of service\n\nDescription: A resource management issue existed in the handling of scoped bookmarks. This issue was addressed through improved file descriptor handling.\n\nCVE-2016-4717: Tom Bradley of 71Squared Ltd\n\n**FontParser**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\n**IDS - Connectivity**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An attacker in a privileged network position may be able to cause a denial of service\n\nDescription: A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.\n\nCVE-2016-4722: Martin Vigo (@martin_vigo) of salesforce.com\n\n**ImageIO**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted image may result in the disclosure of process memory\n\nDescription: An out-of-bounds read issue existed in the SGI image parsing. This issue was addressed through improved bounds checking.\n\nCVE-2016-4682: Ke Liu of Tencent's Xuanwu Lab\n\nEntry added October 24, 2016\n\n**Intel Graphics Driver**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4723: daybreaker of Minionz\n\n**Intel Graphics Driver**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed through improved memory management.\n\nCVE-2016-7582: Liang Chen of Tencent KeenLab\n\nEntry added November 14, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A null pointer dereference was addressed through improved input validation.\n\nCVE-2016-4724: Cererdlong, Eakerqiu of Team OverSky\n\n**IOAcceleratorFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc\n\n**IOAcceleratorFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: an anonymous researcher\n\n**IOThunderboltFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4727: wmin working with Trend Micros Zero Day Initiative\n\n**Kerberos v5 PAM module**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may determine the existence of user accounts\n\nDescription: A timing side channel allowed an attacker to determine the existence of user accounts on a system. This issue was addressed by introducing constant time checks.\n\nCVE-2016-4745: an anonymous researcher\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local application may be able to access restricted files\n\nDescription: A parsing issue in the handling of directory paths was addressed through improved path validation.\n\nCVE-2016-4771: Balazs Bucsay, Research Director of MRG Effitas\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4775: Brandon Azad\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\n**libarchive**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in libarchive\n\nDescription: Multiple memory corruption issues existed in libarchive. These issues were addressed through improved input validation.\n\nCVE-2016-4736: Proteas of Qihoo 360 Nirvan Team\n\n**libxml2**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\n**libxpc**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to break out of its sandbox\n\nDescription: Multiple weaknesses existed with spawning new processes using launchctl. These issues were addressed through improved policy enforcement.\n\nCVE-2016-4617: Gregor Kopf of Recurity Labs on behalf of BSI (German Federal Office for Information Security)\n\nEntry added October 24, 2016\n\n**libxslt**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\n**Mail**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious website may be able to cause a denial-of-service\n\nDescription: A denial of service issue was addressed through improved URL handling.\n\nCVE-2016-7580: Sabri Haddouche (@pwnsdx)\n\nEntry added December 1, 2016\n\n**mDNSResponder**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: Applications using VMnet.framework enabled a DNS proxy listening on all network interfaces. This issue was addressed by restricting DNS query responses to local interfaces.\n\nCVE-2016-4739: Magnus Skjegstad, David Scott and Anil Madhavapeddy from Docker, Inc.\n\n**NSSecureTextField**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious application may be able to leak a user's credentials\n\nDescription: A state management issue existed in NSSecureTextField, which failed to enable Secure Input. This issue was addressed through improved window management.\n\nCVE-2016-4742: Rick Fillion of AgileBits, Daniel Jalkut of Red Sweater Software\n\n**Perl**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to bypass the taint protection mechanism\n\nDescription: An issue existed in the parsing of environment variables. This issue was addressed through improved validation of environment variables.\n\nCVE-2016-4748: Stephane Chazelas\n\n**S2 Camera**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4750: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative\n\n**Security**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application using SecKeyDeriveFromPassword may leak memory\n\nDescription: A resource management issue existed in the handling of key derivation. This issue was addressed by adding CF_RETURNS_RETAINED to SecKeyDeriveFromPassword.\n\nCVE-2016-4752: Mark Rogers of PowerMapper Software\n\n**Security**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\n**Terminal**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: A permissions issue existed in .bash_history and .bash_session. This issue was addressed through improved access restrictions.\n\nCVE-2016-4755: Axel Luttgens\n\n**WindowServer**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to gain root privileges\n\nDescription: A type confusion issue was addressed through improved memory handling.\n\nCVE-2016-4709: an anonymous researcher working with Trend Micro's Zero Day Initiative\n\nCVE-2016-4710: an anonymous researcher working with Trend Micro's Zero Day Initiative\n\nEntry updated November 15, 2016\n\nmacOS Sierra 10.12 includes the security content of [Safari 10](<https://support.apple.com/kb/HT207157>).\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-23T05:36:06", "title": "About the security content of macOS Sierra 10.12 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4727", "CVE-2016-5771", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-4713", "CVE-2016-4750", "CVE-2016-4716", "CVE-2016-4703", "CVE-2016-5772", "CVE-2016-4722", "CVE-2016-4753", "CVE-2016-4752", "CVE-2016-4773", "CVE-2016-4694", "CVE-2016-4696", "CVE-2016-4701", "CVE-2016-0755", "CVE-2016-4715", "CVE-2016-4712", "CVE-2016-4708", "CVE-2016-4709", "CVE-2016-4748", "CVE-2016-4617", "CVE-2016-4755", "CVE-2016-5770", "CVE-2016-5768", "CVE-2016-7582", "CVE-2016-4717", "CVE-2016-4710", "CVE-2016-4745", "CVE-2016-4776", "CVE-2016-6174", "CVE-2016-4711", "CVE-2016-4699", "CVE-2016-6295", "CVE-2016-7580", "CVE-2016-4697", "CVE-2016-6297", "CVE-2016-4739", "CVE-2016-6292", "CVE-2016-4698", "CVE-2016-4736", "CVE-2016-4682", "CVE-2016-4707", "CVE-2016-5131", "CVE-2016-6289", "CVE-2016-4718", "CVE-2016-4777", "CVE-2016-4738", "CVE-2016-4723", "CVE-2016-4724", "CVE-2016-5769", "CVE-2016-6294", "CVE-2016-4725", "CVE-2016-4742", "CVE-2016-4706", "CVE-2016-5773", "CVE-2016-4772", "CVE-2016-4779", "CVE-2016-4771", "CVE-2016-4726", "CVE-2016-4658", "CVE-2016-4700", "CVE-2016-4775", "CVE-2016-6291", "CVE-2016-4774", "CVE-2016-4778", "CVE-2016-4702", "CVE-2016-6296"], "modified": "2017-01-23T05:36:06", "id": "APPLE:HT207170", "href": "https://support.apple.com/kb/HT207170", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-10T17:01:07", "description": "# About the security content of macOS Sierra 10.12\n\nThis document describes the security content of macOS Sierra 10.12.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## macOS Sierra 10.12\n\nReleased September 20, 2016\n\n**apache**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to proxy traffic through an arbitrary server\n\nDescription: An issue existed in the handling of the HTTP_PROXY environment variable. This issue was addressed by not setting the HTTP_PROXY environment variable from CGI.\n\nCVE-2016-4694: Dominic Scheirlinck and Scott Geary of Vend\n\n**apache_mod_php**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.\n\nDescription: Multiple issues in PHP were addressed by updating PHP to version 5.6.24.\n\nCVE-2016-5768\n\nCVE-2016-5769\n\nCVE-2016-5770\n\nCVE-2016-5771\n\nCVE-2016-5772\n\nCVE-2016-5773\n\nCVE-2016-6174\n\nCVE-2016-6288\n\nCVE-2016-6289\n\nCVE-2016-6290\n\nCVE-2016-6291\n\nCVE-2016-6292\n\nCVE-2016-6294\n\nCVE-2016-6295\n\nCVE-2016-6296\n\nCVE-2016-6297\n\n**Apple HSSPI Support**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4697: Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative\n\n**AppleEFIRuntime**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A null pointer dereference was addressed through improved input validation.\n\nCVE-2016-4696: Shrek_wzw of Qihoo 360 Nirvan Team\n\n**AppleMobileFileIntegrity**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in the task port inheritance policy. This issue was addressed through improved validation of the process entitlement and Team ID.\n\nCVE-2016-4698: Pedro Vila\u00e7a\n\n**AppleUUC**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved input validation.\n\nCVE-2016-4699: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro's Zero Day Initiative\n\nCVE-2016-4700: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative\n\n**Application Firewall**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to cause a denial of service\n\nDescription: A validation issue existed in the handling of firewall prompts. This issue was addressed through improved validation of SO_EXECPATH.\n\nCVE-2016-4701: Meder Kydyraliev Google Security Team\n\n**ATS**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4779: riusksk of Tencent Security Platform Department\n\n**Audio**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University.\n\n**Bluetooth**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4703: Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\n**cd9660**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed through improved memory handling.\n\nCVE-2016-4706: Recurity Labs on behalf of BSI (German Federal Office for Information Security)\n\n**CFNetwork**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to discover websites a user has visited\n\nDescription: An issue existed in Local Storage deletion. This issue was addressed through improved Local Storage cleanup.\n\nCVE-2016-4707: an anonymous researcher\n\n**CFNetwork**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted web content may compromise user information\n\nDescription: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.\n\nCVE-2016-4708: Dawid Czagan of Silesia Security Lab\n\n**CommonCrypto**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application using CCrypt may disclose sensitive plaintext if the output and input buffer are the same\n\nDescription: An input validation issue existed in corecrypto. This issue was addressed through improved input validation.\n\nCVE-2016-4711: Max Lohrmann\n\n**CoreCrypto**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code\n\nDescription: An out-of-bounds write issue was addressed by removing the vulnerable code.\n\nCVE-2016-4712: Gergo Koteles\n\n**CoreDisplay**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A user with screen sharing access may be able to view another user's screen\n\nDescription: A session management issue existed in the handling of screen sharing sessions. This issue was addressed through improved session tracking.\n\nCVE-2016-4713: Ruggero Alberti\n\n**curl**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in curl\n\nDescription: Multiple security issues existed in curl prior to version 7.49.1. These issues were addressed by updating curl to version 7.49.1.\n\nCVE-2016-0755: Isaac Boukris\n\n**Date & Time Pref Pane**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious application may be able to determine a user's current location\n\nDescription: An issue existed in the handling of the .GlobalPreferences file. This was addressed though improved validation.\n\nCVE-2016-4715: Taiki (@Taiki__San) at ESIEA (Paris)\n\n**DiskArbitration**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to execute arbitrary code with system privileges\n\nDescription: An access issue existed in diskutil. This issue was addressed through improved permissions checking.\n\nCVE-2016-4716: Alexander Allen of The North Carolina School of Science and Mathematics\n\n**File Bookmark**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local application may be able to cause a denial of service\n\nDescription: A resource management issue existed in the handling of scoped bookmarks. This issue was addressed through improved file descriptor handling.\n\nCVE-2016-4717: Tom Bradley of 71Squared Ltd\n\n**FontParser**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.\n\nCVE-2016-4718: Apple\n\n**IDS - Connectivity**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An attacker in a privileged network position may be able to cause a denial of service\n\nDescription: A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.\n\nCVE-2016-4722: Martin Vigo (@martin_vigo) of salesforce.com\n\n**ImageIO**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted image may result in the disclosure of process memory\n\nDescription: An out-of-bounds read issue existed in the SGI image parsing. This issue was addressed through improved bounds checking.\n\nCVE-2016-4682: Ke Liu of Tencent's Xuanwu Lab\n\nEntry added October 24, 2016\n\n**Intel Graphics Driver**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4723: daybreaker of Minionz\n\n**Intel Graphics Driver**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed through improved memory management.\n\nCVE-2016-7582: Liang Chen of Tencent KeenLab\n\nEntry added November 14, 2016\n\n**IOAcceleratorFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A null pointer dereference was addressed through improved input validation.\n\nCVE-2016-4724: Cererdlong, Eakerqiu of Team OverSky\n\n**IOAcceleratorFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed through improved input validation.\n\nCVE-2016-4725: Rodger Combs of Plex, Inc\n\n**IOAcceleratorFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4726: an anonymous researcher\n\n**IOThunderboltFamily**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4727: wmin working with Trend Micros Zero Day Initiative\n\n**Kerberos v5 PAM module**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may determine the existence of user accounts\n\nDescription: A timing side channel allowed an attacker to determine the existence of user accounts on a system. This issue was addressed by introducing constant time checks.\n\nCVE-2016-4745: an anonymous researcher\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local application may be able to access restricted files\n\nDescription: A parsing issue in the handling of directory paths was addressed through improved path validation.\n\nCVE-2016-4771: Balazs Bucsay, Research Director of MRG Effitas\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A lock handling issue was addressed through improved lock handling.\n\nCVE-2016-4772: Marc Heuse of mh-sec\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to determine kernel memory layout\n\nDescription: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.\n\nCVE-2016-4773: Brandon Azad\n\nCVE-2016-4774: Brandon Azad\n\nCVE-2016-4776: Brandon Azad\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4775: Brandon Azad\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An untrusted pointer dereference was addressed by removing the affected code.\n\nCVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4778: CESG\n\n**libarchive**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in libarchive\n\nDescription: Multiple memory corruption issues existed in libarchive. These issues were addressed through improved input validation.\n\nCVE-2016-4736: Proteas of Qihoo 360 Nirvan Team\n\n**libxml2**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed through improved memory handling.\n\nCVE-2016-4658: Nick Wellnhofer\n\nCVE-2016-5131: Nick Wellnhofer\n\n**libxpc**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to break out of its sandbox\n\nDescription: Multiple weaknesses existed with spawning new processes using launchctl. These issues were addressed through improved policy enforcement.\n\nCVE-2016-4617: Gregor Kopf of Recurity Labs on behalf of BSI (German Federal Office for Information Security)\n\nEntry added October 24, 2016\n\n**libxslt**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4738: Nick Wellnhofer\n\n**Mail**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious website may be able to cause a denial-of-service\n\nDescription: A denial of service issue was addressed through improved URL handling.\n\nCVE-2016-7580: Sabri Haddouche (@pwnsdx)\n\nEntry added December 1, 2016\n\n**mDNSResponder**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: Applications using VMnet.framework enabled a DNS proxy listening on all network interfaces. This issue was addressed by restricting DNS query responses to local interfaces.\n\nCVE-2016-4739: Magnus Skjegstad, David Scott and Anil Madhavapeddy from Docker, Inc.\n\n**NSSecureTextField**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious application may be able to leak a user's credentials\n\nDescription: A state management issue existed in NSSecureTextField, which failed to enable Secure Input. This issue was addressed through improved window management.\n\nCVE-2016-4742: Rick Fillion of AgileBits, Daniel Jalkut of Red Sweater Software\n\n**Perl**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to bypass the taint protection mechanism\n\nDescription: An issue existed in the parsing of environment variables. This issue was addressed through improved validation of environment variables.\n\nCVE-2016-4748: Stephane Chazelas\n\n**S2 Camera**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4750: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative\n\n**Security**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: An application using SecKeyDeriveFromPassword may leak memory\n\nDescription: A resource management issue existed in the handling of key derivation. This issue was addressed by adding CF_RETURNS_RETAINED to SecKeyDeriveFromPassword.\n\nCVE-2016-4752: Mark Rogers of PowerMapper Software\n\n**Security**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in signed disk images. This issue was addressed through improved size validation.\n\nCVE-2016-4753: Mark Mentovai of Google Inc.\n\n**Terminal**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: A permissions issue existed in .bash_history and .bash_session. This issue was addressed through improved access restrictions.\n\nCVE-2016-4755: Axel Luttgens\n\n**WindowServer**\n\nAvailable for: OS X Lion v10.7.5 and later\n\nImpact: A local user may be able to gain root privileges\n\nDescription: A type confusion issue was addressed through improved memory handling.\n\nCVE-2016-4709: an anonymous researcher working with Trend Micro's Zero Day Initiative\n\nCVE-2016-4710: an anonymous researcher working with Trend Micro's Zero Day Initiative\n\nEntry updated November 15, 2016\n\nmacOS Sierra 10.12 includes the security content of [Safari 10](<https://support.apple.com/kb/HT207157>).\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: January 23, 2017\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-20T00:00:00", "type": "apple", "title": "About the security content of macOS Sierra 10.12", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0755", "CVE-2016-4617", "CVE-2016-4658", "CVE-2016-4682", "CVE-2016-4694", "CVE-2016-4696", "CVE-2016-4697", "CVE-2016-4698", "CVE-2016-4699", "CVE-2016-4700", "CVE-2016-4701", "CVE-2016-4702", "CVE-2016-4703", "CVE-2016-4706", "CVE-2016-4707", "CVE-2016-4708", "CVE-2016-4709", "CVE-2016-4710", "CVE-2016-4711", "CVE-2016-4712", "CVE-2016-4713", "CVE-2016-4715", "CVE-2016-4716", "CVE-2016-4717", "CVE-2016-4718", "CVE-2016-4722", "CVE-2016-4723", "CVE-2016-4724", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4727", "CVE-2016-4736", "CVE-2016-4738", "CVE-2016-4739", "CVE-2016-4742", "CVE-2016-4745", "CVE-2016-4748", "CVE-2016-4750", "CVE-2016-4752", "CVE-2016-4753", "CVE-2016-4755", "CVE-2016-4771", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4775", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778", "CVE-2016-4779", "CVE-2016-5131", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5773", "CVE-2016-6174", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297", "CVE-2016-7580", "CVE-2016-7582"], "modified": "2016-09-20T00:00:00", "id": "APPLE:57CA287E3904ED3B654944A45A76249B", "href": "https://support.apple.com/kb/HT207170", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:28", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iCloud for Windows 6.0\n\nReleased September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-23T05:30:00", "title": "About the security content of iCloud for Windows 6.0 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762"], "modified": "2017-01-23T05:30:00", "id": "APPLE:HT207147", "href": "https://support.apple.com/kb/HT207147", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:01:00", "description": "# About the security content of iCloud for Windows 6.0\n\nThis document describes the security content of iCloud for Windows 6.0.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://www.apple.com/support/security/>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iCloud for Windows 6.0\n\nReleased September 20, 2016\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed through improved memory handling.\n\nCVE-2016-4762: Zheng Huang of Baidu Security Lab\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: January 23, 2017\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-20T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 6.0", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762"], "modified": "2016-09-20T00:00:00", "id": "APPLE:BA84CE34B313752A4A2E2BEDDE354B55", "href": "https://support.apple.com/kb/HT207147", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-12-08T14:54:10", "description": "According to its banner, the version of Apple TV on the remote device is prior to 10. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Audio\n - CFNetwork\n - CoreCrypto\n - FontParser\n - IOAcceleratorFamily\n - Kernel\n - libxml2\n - libxslt\n - Security\n - WebKit\n\nNote that only 4th generation models are affected by these vulnerabilities.", "cvss3": {}, "published": "2016-09-28T00:00:00", "type": "nessus", "title": "Apple TV < 10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4611", "CVE-2016-4658", "CVE-2016-4702", "CVE-2016-4708", "CVE-2016-4712", "CVE-2016-4718", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4728", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4737", "CVE-2016-4738", "CVE-2016-4753", "CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4775", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778", "CVE-2016-5131"], "modified": "2019-11-14T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_10.NASL", "href": "https://www.tenable.com/plugins/nessus/93776", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93776);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-4611\",\n \"CVE-2016-4658\",\n \"CVE-2016-4702\",\n \"CVE-2016-4708\",\n \"CVE-2016-4712\",\n \"CVE-2016-4718\",\n \"CVE-2016-4725\",\n \"CVE-2016-4726\",\n \"CVE-2016-4728\",\n \"CVE-2016-4730\",\n \"CVE-2016-4733\",\n \"CVE-2016-4734\",\n \"CVE-2016-4735\",\n \"CVE-2016-4737\",\n \"CVE-2016-4738\",\n \"CVE-2016-4753\",\n \"CVE-2016-4759\",\n \"CVE-2016-4765\",\n \"CVE-2016-4766\",\n \"CVE-2016-4767\",\n \"CVE-2016-4768\",\n \"CVE-2016-4772\",\n \"CVE-2016-4773\",\n \"CVE-2016-4774\",\n \"CVE-2016-4775\",\n \"CVE-2016-4776\",\n \"CVE-2016-4777\",\n \"CVE-2016-4778\",\n \"CVE-2016-5131\"\n );\n script_bugtraq_id(\n 92053,\n 93054,\n 93057,\n 93059,\n 93063,\n 93064,\n 93065,\n 93067\n );\n\n script_name(english:\"Apple TV < 10 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apple TV device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apple TV on the remote device\nis prior to 10. It is, therefore, affected by multiple vulnerabilities\nin the following components :\n\n - Audio\n - CFNetwork\n - CoreCrypto\n - FontParser\n - IOAcceleratorFamily\n - Kernel\n - libxml2\n - libxslt\n - Security\n - WebKit\n\nNote that only 4th generation models are affected by these\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207142\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV version 10 or later. Note that this update is only\navailable for 4th generation models.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4702\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/Model\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"appletv_func.inc\");\n\nurl = get_kb_item('AppleTV/URL');\nif (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');\nport = get_kb_item('AppleTV/Port');\nif (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');\n\nbuild = get_kb_item('AppleTV/Version');\nif (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');\n\nmodel = get_kb_item('AppleTV/Model');\nif (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');\n\nfixed_build = \"14T330\";\ntvos_ver = '10';\n\n# determine gen from the model\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : 4,\n fix_tvos_ver : tvos_ver,\n model : model,\n gen : gen,\n port : port,\n url : url,\n severity : SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:53:45", "description": "The version of Apple Safari installed on the remote Mac OS X or macOS host is prior to 10.0. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple memory corruption issues exist in WebKit that allow an unauthenticated, remote attacker to cause a denial of service condition or execute arbitrary code via specially a crafted website. (CVE-2016-4611, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4759, CVE-2016-4762, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4769)\n\n - A cross-site scripting (XSS) vulnerability exists in the Reader feature due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to follow a specially crafted link, to execute arbitrary script code in a user's browser session. (CVE-2016-4618)\n\n - A flaw exists in WebKit due to improper handling of error prototypes. An unauthenticated, remote attacker can exploit this, via a specially crafted website, to execute arbitrary code. (CVE-2016-4728)\n\n - Multiple flaws exist in WebKit due to improper state management. An unauthenticated, remote attacker can exploit this, via a specially crafted website, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-4733, CVE-2016-4765)\n\n - An address bar spoofing vulnerability exists due to a state management flaw related to sessions in tabs. An unauthenticated, remote attacker can exploit this, via a specially crafted website, to spoof an address in the address bar. (CVE-2016-4751)\n\n - A flaw exists in WebKit due to improper handling of the location variable. An unauthenticated, remote attacker can exploit this, via a crafted website, to disclose sensitive information. (CVE-2016-4758)\n\n - A flaw exists in WebKit that allows an unauthenticated, remote attacker to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 support.\n (CVE-2016-4760)\n\n - A flaw exists in WebKit in the WKWebView component due to improper validation of X.509 certificates from HTTPS servers. A man-in-the-middle attacker can exploit this, via a crafted certificate, to disclose sensitive information. (CVE-2016-4763)", "cvss3": {}, "published": "2016-09-26T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 10.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4611", "CVE-2016-4618", "CVE-2016-4728", "CVE-2016-4729", "CVE-2016-4730", "CVE-2016-4731", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4737", "CVE-2016-4751", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI10_0.NASL", "href": "https://www.tenable.com/plugins/nessus/93721", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93721);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2016-4611\",\n \"CVE-2016-4618\",\n \"CVE-2016-4728\",\n \"CVE-2016-4729\",\n \"CVE-2016-4730\",\n \"CVE-2016-4731\",\n \"CVE-2016-4733\",\n \"CVE-2016-4734\",\n \"CVE-2016-4735\",\n \"CVE-2016-4737\",\n \"CVE-2016-4751\",\n \"CVE-2016-4758\",\n \"CVE-2016-4759\",\n \"CVE-2016-4760\",\n \"CVE-2016-4762\",\n \"CVE-2016-4763\",\n \"CVE-2016-4765\",\n \"CVE-2016-4766\",\n \"CVE-2016-4767\",\n \"CVE-2016-4768\",\n \"CVE-2016-4769\"\n );\n script_bugtraq_id(\n 93053,\n 93057,\n 93058,\n 93062,\n 93064,\n 93065,\n 93066,\n 93067\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-09-20-2\");\n\n script_name(english:\"Mac OS X : Apple Safari < 10.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X or macOS\nhost is prior to 10.0. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple memory corruption issues exist in WebKit that\n allow an unauthenticated, remote attacker to cause a\n denial of service condition or execute arbitrary code\n via specially a crafted website. (CVE-2016-4611,\n CVE-2016-4729, CVE-2016-4730, CVE-2016-4731,\n CVE-2016-4734, CVE-2016-4735, CVE-2016-4737,\n CVE-2016-4759, CVE-2016-4762, CVE-2016-4766,\n CVE-2016-4767, CVE-2016-4768, CVE-2016-4769)\n\n - A cross-site scripting (XSS) vulnerability exists in the\n Reader feature due to improper validation of\n user-supplied input before returning it to users. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to follow a specially crafted link, to\n execute arbitrary script code in a user's browser\n session. (CVE-2016-4618)\n\n - A flaw exists in WebKit due to improper handling of\n error prototypes. An unauthenticated, remote attacker\n can exploit this, via a specially crafted website, to\n execute arbitrary code. (CVE-2016-4728)\n\n - Multiple flaws exist in WebKit due to improper state\n management. An unauthenticated, remote attacker\n can exploit this, via a specially crafted website, to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-4733, CVE-2016-4765)\n\n - An address bar spoofing vulnerability exists due to a\n state management flaw related to sessions in tabs. An\n unauthenticated, remote attacker can exploit this, via a\n specially crafted website, to spoof an address in the\n address bar. (CVE-2016-4751)\n\n - A flaw exists in WebKit due to improper handling of the\n location variable. An unauthenticated, remote attacker\n can exploit this, via a crafted website, to disclose\n sensitive information. (CVE-2016-4758)\n\n - A flaw exists in WebKit that allows an unauthenticated,\n remote attacker to conduct DNS rebinding attacks against\n non-HTTP Safari sessions by leveraging HTTP/0.9 support.\n (CVE-2016-4760)\n\n - A flaw exists in WebKit in the WKWebView component due\n to improper validation of X.509 certificates from HTTPS\n servers. A man-in-the-middle attacker can exploit this,\n via a crafted certificate, to disclose sensitive\n information. (CVE-2016-4763)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207157\");\n # http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1c557615\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari version 10.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X / macOS\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.1([0-2])([^0-9]|$)\", string:os))\n audit(AUDIT_OS_NOT, \"Mac OS X 10.10 / 10.11 or macOS 10.12\");\n\ninstalled = get_kb_item_or_exit(\"MacOSX/Safari/Installed\", exit_code:0);\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"10.0\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n report = report_items_str(\n report_items:make_array(\n \"Path\", path,\n \"Installed version\", version,\n \"Fixed version\", fixed_version\n ),\n ordered_fields:make_list(\"Path\", \"Installed version\", \"Fixed version\")\n );\n security_report_v4(port:0, severity:SECURITY_HOLE, xss:TRUE, extra:report);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:11", "description": "Versions of Safari prior to 10 are affected by multiple vulnerabilities in the following components :\n\n - Reader (CVE-2016-4618) \n - Tabs (CVE-2016-4751) \n - Webkit (CVE-2016-4611, CVE-2016-4728, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4733, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4758, CVE-2016-4759, CVE-2016-4760, CVE-2016-4762, CVE-2016-4763, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4769)", "cvss3": {}, "published": "2016-10-21T00:00:00", "type": "nessus", "title": "Safari < 10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4611", "CVE-2016-4618", "CVE-2016-4728", "CVE-2016-4729", "CVE-2016-4730", "CVE-2016-4731", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4737", "CVE-2016-4751", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "9708.PRM", "href": "https://www.tenable.com/plugins/nnm/9708", "sourceData": "Binary data 9708.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:12", "description": "Versions of Apple TV earlier than 10.0 are vulnerable to the following issues :\n\n - A flaw exists in libxml2 that is triggered as certain input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-4658)\n - A flaw exists in FontParser that is triggered during the handling of a specially crafted font file. This may allow a context-dependent attacker to disclose information in process memory. (CVE-2016-4718)\n - An unspecified flaw exists in IOAcceleratorFamily that may allow a context-dependent attacker to disclose arbitrary contents of the memory. No further details have been provided. (CVE-2016-4725)\n - A flaw exists in IOAcceleratorFamily that is triggered as certain input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-4726)\n - A flaw exists in libxslt that is triggered as certain input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-4738)\n - A flaw exists that is triggered during the handling of a signed disk image. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-4753)\n - A flaw exists in the kernel that is triggered as the system fails to properly handle locking. This may allow a remote attacker to cause a denial of service. (CVE-2016-4772)\n - An out-of-bounds read flaw exists in the Kernel that that may allow a local attacker to disclose the contents of memory. No further details have been provided. (CVE-2016-4773)\n - An out-of-bounds read flaw exists in the Kernel that that may allow a local attacker to disclose the contents of memory. No further details have been provided. (CVE-2016-4774)\n - A flaw exists in the Kernel that is triggered as certain input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-4775)\n - An out-of-bounds read flaw exists in the Kernel that that may allow a local attacker to disclose the contents of memory. No further details have been provided. (CVE-2016-4776)\n - An untrusted pointer dereference flaw exists in the Kernel that may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-4777)\n - A flaw exists in the Kernel that is triggered as certain input is not properly validated. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (CVE-2016-4778)", "cvss3": {}, "published": "2016-10-03T00:00:00", "type": "nessus", "title": "Apple TV < 10.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658", "CVE-2016-4718", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4738", "CVE-2016-4753", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4775", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "9621.PRM", "href": "https://www.tenable.com/plugins/nnm/9621", "sourceData": "Binary data 9621.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-27T15:24:01", "description": "The version of iOS running on the mobile device is prior to 10. It is, therefore, affected by multiple vulnerabilities :\n\n - An access control issue exists in the Sandbox Profiles component in SMS draft directories that allows a local attacker to determine who a user is texting by using the 'stat' command on a directory. (CVE-2016-4620)\n\n - An unspecified permissions issue exists in PlaceData in the GeoServices component that allows a local attacker, via a crafted application, to disclose sensitive information. (CVE-2016-4719)\n\n - A flaw exists in the Messages component in the Handoff for Messages functionality due to incorrectly exposing messages even while signed out. A physically present attacker can exploit this to disclose sensitive information. (CVE-2016-4740)\n\n - A flaw exists in the Assets component due to updates being sent over unencrypted channels. A man-in-the-middle attacker can exploit this to block a device from receiving software updates. (CVE-2016-4741)\n\n - A flaw exists in the Keyboards component due to the Keyboard Autocorrect Suggestion feature inadvertently caching sensitive information. A physically present attacker can exploit this to disclose sensitive information. (CVE-2016-4746)\n\n - A flaw exists in the Mail component due to improper handling of untrusted certificates. A man-in-the-middle attacker can exploit this to disclose credential information. (CVE-2016-4747)\n\n - A flaw exists in the Printing UIKit component when writing an unencrypted document to a temporary file when using AirPrint preview. A local attacker can exploit this to disclose sensitive information. (CVE-2016-4749)\n\n - A flaw exists in the Springboard component due to cached application snapshots being displayed in the task switcher. A local attacker can exploit this to disclose sensitive information. (CVE-2016-7759)\n\n - A flaw exists related to the BlueTooth subsystem that could allow remote code execution as well as man-in-the-middle attacks. This issue is also known as 'BlueBorne'.", "cvss3": {}, "published": "2016-09-15T00:00:00", "type": "nessus", "title": "Apple iOS < 10 Multiple Vulnerabilities (BlueBorne)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4620", "CVE-2016-4719", "CVE-2016-4740", "CVE-2016-4741", "CVE-2016-4746", "CVE-2016-4747", "CVE-2016-4749", "CVE-2016-7759"], "modified": "2023-09-25T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_100_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/93515", "sourceData": "Binary data apple_ios_100_check.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:22", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.5.1. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists due to improper handling of error prototypes. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a maliciously crafted website, to execute arbitrary code. (CVE-2016-4728)\n\n - An information disclosure vulnerability exists in WebKit due to a permission issue caused by improper handling of the location variable. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a maliciously crafted website, to disclose sensitive information. (CVE-2016-4758)\n\n - Multiple memory corruption errors exist in WebKit due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues, by convincing a user to visit a maliciously crafted website, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-4759, CVE-2016-4762, CVE-2016-4764, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4769)\n\n - A rebinding flaw exists in WebKit due to a failure to restrict HTTP/0.9 responses to default ports and cancel resource loads if a document is loaded with a different HTTP protocol version. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a maliciously crafted website, to access non-HTTP services. (CVE-2016-4760)\n\n - A security bypass vulnerability exists in WebKit in the WKWebView component due to a failure to properly verify X.509 certificates from HTTPS servers. A man-in-the-middle attacker can exploit this, via a specially crafted certificate, to spoof servers and disclose or manipulate network traffic. (CVE-2016-4763)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-11-16T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.5.1 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4728", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769"], "modified": "2019-11-14T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_5_1.NASL", "href": "https://www.tenable.com/plugins/nessus/94914", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94914);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-4728\",\n \"CVE-2016-4758\",\n \"CVE-2016-4759\",\n \"CVE-2016-4760\",\n \"CVE-2016-4762\",\n \"CVE-2016-4763\",\n \"CVE-2016-4764\",\n \"CVE-2016-4765\",\n \"CVE-2016-4766\",\n \"CVE-2016-4767\",\n \"CVE-2016-4768\",\n \"CVE-2016-4769\"\n );\n script_bugtraq_id(\n 93062,\n 93064,\n 93066,\n 93067\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-09-20-7\");\n\n script_name(english:\"Apple iTunes < 12.5.1 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.5.1. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A remote code execution vulnerability exists due to\n improper handling of error prototypes. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to visit a maliciously crafted\n website, to execute arbitrary code. (CVE-2016-4728)\n\n - An information disclosure vulnerability exists in WebKit\n due to a permission issue caused by improper handling of\n the location variable. An unauthenticated, remote\n attacker can exploit this, by convincing a user to visit\n a maliciously crafted website, to disclose sensitive\n information. (CVE-2016-4758)\n\n - Multiple memory corruption errors exist in WebKit due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n issues, by convincing a user to visit a maliciously\n crafted website, to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-4759,\n CVE-2016-4762, CVE-2016-4764, CVE-2016-4765,\n CVE-2016-4766, CVE-2016-4767, CVE-2016-4768,\n CVE-2016-4769)\n\n - A rebinding flaw exists in WebKit due to a failure to\n restrict HTTP/0.9 responses to default ports and\n cancel resource loads if a document is loaded with a \n different HTTP protocol version. An unauthenticated,\n remote attacker can exploit this, by convincing a user\n to visit a maliciously crafted website, to access\n non-HTTP services. (CVE-2016-4760)\n\n - A security bypass vulnerability exists in WebKit in the\n WKWebView component due to a failure to properly verify\n X.509 certificates from HTTPS servers. A\n man-in-the-middle attacker can exploit this, via a\n specially crafted certificate, to spoof servers and\n disclose or manipulate network traffic. (CVE-2016-4763)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207158\");\n # https://lists.apple.com/archives/security-announce/2016/Sep/msg00012.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?77ef6d0c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.5.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4769\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_id = 'iTunes Version';\ninstall = get_single_install(app_name:app_id, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfixed_version = \"12.5.1\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (isnull(port)) port = 445;\n\n order = make_list('Version source', 'Installed version', 'Fixed version');\n report = make_array(\n order[0], path,\n order[1], version,\n order[2], fixed_version\n );\n report = report_items_str(report_items:report, ordered_fields:order);\n\n security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:55:49", "description": "The version of Apple iTunes running on the remote Windows host is prior to 12.5.1. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists due to improper handling of error prototypes. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a maliciously crafted website, to execute arbitrary code. (CVE-2016-4728)\n\n - An information disclosure vulnerability exists in WebKit due to a permission issue caused by improper handling of the location variable. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a maliciously crafted website, to disclose sensitive information. (CVE-2016-4758)\n\n - Multiple memory corruption errors exist in WebKit due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues, by convincing a user to visit a maliciously crafted website, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-4759, CVE-2016-4762, CVE-2016-4764, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4769)\n\n - A rebinding flaw exists in WebKit due to a failure to restrict HTTP/0.9 responses to default ports and cancel resource loads if a document is loaded with a different HTTP protocol version. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a maliciously crafted website, to access non-HTTP services. (CVE-2016-4760)\n\n - A security bypass vulnerability exists in WebKit in the WKWebView component due to a failure to properly verify X.509 certificates from HTTPS servers. A man-in-the-middle attacker can exploit this, via a specially crafted certificate, to spoof servers and disclose or manipulate network traffic. (CVE-2016-4763)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-11-18T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.5.1 Multiple Vulnerabilities (uncredentialed Check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4728", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769"], "modified": "2019-11-14T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_5_1_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/94971", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94971);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-4728\",\n \"CVE-2016-4758\",\n \"CVE-2016-4759\",\n \"CVE-2016-4760\",\n \"CVE-2016-4762\",\n \"CVE-2016-4763\",\n \"CVE-2016-4764\",\n \"CVE-2016-4765\",\n \"CVE-2016-4766\",\n \"CVE-2016-4767\",\n \"CVE-2016-4768\",\n \"CVE-2016-4769\"\n );\n script_bugtraq_id(\n 93062,\n 93064,\n 93066,\n 93067\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-09-20-7\");\n\n script_name(english:\"Apple iTunes < 12.5.1 Multiple Vulnerabilities (uncredentialed Check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote Windows host is\nprior to 12.5.1. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A remote code execution vulnerability exists due to\n improper handling of error prototypes. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to visit a maliciously crafted\n website, to execute arbitrary code. (CVE-2016-4728)\n\n - An information disclosure vulnerability exists in WebKit\n due to a permission issue caused by improper handling of\n the location variable. An unauthenticated, remote\n attacker can exploit this, by convincing a user to visit\n a maliciously crafted website, to disclose sensitive\n information. (CVE-2016-4758)\n\n - Multiple memory corruption errors exist in WebKit due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n issues, by convincing a user to visit a maliciously\n crafted website, to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-4759,\n CVE-2016-4762, CVE-2016-4764, CVE-2016-4765,\n CVE-2016-4766, CVE-2016-4767, CVE-2016-4768,\n CVE-2016-4769)\n\n - A rebinding flaw exists in WebKit due to a failure to\n restrict HTTP/0.9 responses to default ports and\n cancel resource loads if a document is loaded with a\n different HTTP protocol version. An unauthenticated,\n remote attacker can exploit this, by convincing a user\n to visit a maliciously crafted website, to access\n non-HTTP services. (CVE-2016-4760)\n\n - A security bypass vulnerability exists in WebKit in the\n WKWebView component due to a failure to properly verify\n X.509 certificates from HTTPS servers. A\n man-in-the-middle attacker can exploit this, via a\n specially crafted certificate, to spoof servers and\n disclose or manipulate network traffic. (CVE-2016-4763)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207158\");\n # https://lists.apple.com/archives/security-announce/2016/Sep/msg00012.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?77ef6d0c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.5.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4769\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.5.1\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:48:44", "description": "A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-01-11T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3166-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4613", "CVE-2016-4657", "CVE-2016-4666", "CVE-2016-4707", "CVE-2016-4728", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4761", "CVE-2016-4762", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769", "CVE-2016-7578"], "modified": "2023-10-20T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-dev", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37-gtk2", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-dev", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0"], "id": "UBUNTU_USN-3166-1.NASL", "href": "https://www.tenable.com/plugins/nessus/96406", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3166-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96406);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/20\");\n\n script_cve_id(\n \"CVE-2016-4613\",\n \"CVE-2016-4657\",\n \"CVE-2016-4666\",\n \"CVE-2016-4707\",\n \"CVE-2016-4728\",\n \"CVE-2016-4733\",\n \"CVE-2016-4734\",\n \"CVE-2016-4735\",\n \"CVE-2016-4759\",\n \"CVE-2016-4760\",\n \"CVE-2016-4761\",\n \"CVE-2016-4762\",\n \"CVE-2016-4764\",\n \"CVE-2016-4765\",\n \"CVE-2016-4767\",\n \"CVE-2016-4768\",\n \"CVE-2016-4769\",\n \"CVE-2016-7578\"\n );\n script_xref(name:\"USN\", value:\"3166-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/14\");\n\n script_name(english:\"Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3166-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"A large number of security issues were discovered in the WebKitGTK+\nWeb and JavaScript engines. If a user were tricked into viewing a\nmalicious website, a remote attacker could exploit a variety of issues\nrelated to web browser security, including cross-site scripting\nattacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-3166-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4735\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-4734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'WebKit not_number defineProperties UAF');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.0', 'pkgver': '2.14.2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'gir1.2-webkit2-4.0', 'pkgver': '2.14.2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libjavascriptcoregtk-4.0-18', 'pkgver': '2.14.2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libjavascriptcoregtk-4.0-bin', 'pkgver': '2.14.2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libjavascriptcoregtk-4.0-dev', 'pkgver': '2.14.2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libwebkit2gtk-4.0-37', 'pkgver': '2.14.2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libwebkit2gtk-4.0-37-gtk2', 'pkgver': '2.14.2-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libwebkit2gtk-4.0-dev', 'pkgver': '2.14.2-0ubuntu0.16.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gir1.2-javascriptcoregtk-4.0 / gir1.2-webkit2-4.0 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:03", "description": "CVE-2016-4658 Namespace nodes must be copied to avoid use-after-free errors. But they don't necessarily have a physical representation in a document, so simply disallow them in XPointer ranges.\n\nCVE-2016-5131 The old code would invoke the broken xmlXPtrRangeToFunction. range-to isn't really a function but a special kind of location step. Remove this function and always handle range-to in the XPath code. The old xmlXPtrRangeToFunction could also be abused to trigger a use-after-free error with the potential for remote code execution.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 2.8.0+dfsg1-7+wheezy7.\n\nWe recommend that you upgrade your libxml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-11-01T00:00:00", "type": "nessus", "title": "Debian DLA-691-1 : libxml2 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:libxml2-utils-dbg", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-691.NASL", "href": "https://www.tenable.com/plugins/nessus/94448", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-691-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94448);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4658\", \"CVE-2016-5131\");\n\n script_name(english:\"Debian DLA-691-1 : libxml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2016-4658 Namespace nodes must be copied to avoid use-after-free\nerrors. But they don't necessarily have a physical representation in a\ndocument, so simply disallow them in XPointer ranges.\n\nCVE-2016-5131 The old code would invoke the broken\nxmlXPtrRangeToFunction. range-to isn't really a function but a special\nkind of location step. Remove this function and always handle range-to\nin the XPath code. The old xmlXPtrRangeToFunction could also be abused\nto trigger a use-after-free error with the potential for remote code\nexecution.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2.8.0+dfsg1-7+wheezy7.\n\nWe recommend that you upgrade your libxml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/10/msg00048.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libxml2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxml2\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dev\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-doc\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:57:35", "description": "Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the application, or potentially, the execution of arbitrary code with the privileges of the user running the application.", "cvss3": {}, "published": "2016-12-27T00:00:00", "type": "nessus", "title": "Debian DSA-3744-1 : libxml2 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3744.NASL", "href": "https://www.tenable.com/plugins/nessus/96101", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3744. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96101);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4658\", \"CVE-2016-5131\");\n script_xref(name:\"DSA\", value:\"3744\");\n\n script_name(english:\"Debian DSA-3744-1 : libxml2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in libxml2, a library\nproviding support to read, modify and write XML and HTML files. A\nremote attacker could provide a specially crafted XML or HTML file\nthat, when processed by an application using libxml2, would cause a\ndenial-of-service against the application, or potentially, the\nexecution of arbitrary code with the privileges of the user running\nthe application.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libxml2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3744\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxml2 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 2.9.1+dfsg1-5+deb8u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libxml2\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dev\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-doc\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:21", "description": "The remote host is running a version of Mac OS X version 10.x prior to 10.12, and is affected by multiple vulnerabilities in the following components :\n\n - apache (CVE-2016-4694)\n - apache_mod_php (CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6174, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297)\n - Apple HSSPI Support (CVE-2016-4697)\n - AppleEFIRuntime (CVE-2016-4696)\n - AppleMobileFileIntegrity (CVE-2016-4698)\n - AppleUUC (CVE-2016-4699, CVE-2016-4700)\n - Application Firewall (CVE-2016-4701)\n - ATS (CVE-2016-4779)\n - Audio (CVE-2016-4702)\n - Bluetooth (CVE-2016-4703)\n - cd9660 (CVE-2016-4706)\n - CFNetwork (CVE-2016-4707, CVE-2016-4708)\n - CommonCrypto (CVE-2016-4711)\n - CoreCrypto (CVE-2016-4712)\n - CoreDisplay (CVE-2016-4713)\n - curl (CVE-2016-0755, CVE-2016-4606)\n - Date & Time Pref Pane (CVE-2016-4715)\n - DiskArbitration (CVE-2016-4716)\n - File Bookmark (CVE-2016-4717)\n - FontParser (CVE-2016-4718)\n - IDS - Connectivity (CVE-2016-4722)\n - Intel Graphics Driver (CVE-2016-4723, CVE-2016-7582)\n - IOAcceleratorFamily (CVE-2016-4724, CVE-2016-4725, CVE-2016-4726)\n - IOThunderboltFamily (CVE-2016-4727)\n - Kerberos v5 PAM module (CVE-2016-4745)\n - Kernel (CVE-2016-4771, CVE-2016-4772, CVE-2016-4773, CVE-2016-4774, CVE-2016-4775, CVE-2016-4776, CVE-2016-4777, CVE-2016-4778)\n - lib archive (CVE-2016-4736)\n - libxml2 (CVE-2016-4658, CVE-2016-5131)\n - libxpc (CVE-2016-4617)\n - libxslt (CVE-2016-4738)\n - mDNSResponder (CVE-2016-4739)\n - NSSecureTextField (CVE-2016-4742)\n - Perl (CVE-2016-4748, CVE-2016-4750)\n - Security (CVE-2016-4752, CVE-2016-4753)\n - Terminal (CVE-2016-4755)\n - WindowServer (CVE-2016-4709, CVE-2016-4710)", "cvss3": {}, "published": "2016-10-21T00:00:00", "type": "nessus", "title": "Mac OS X 10.x < 10.12 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0755", "CVE-2016-4606", "CVE-2016-4617", "CVE-2016-4658", "CVE-2016-4694", "CVE-2016-4696", "CVE-2016-4697", "CVE-2016-4698", "CVE-2016-4699", "CVE-2016-4700", "CVE-2016-4701", "CVE-2016-4702", "CVE-2016-4703", "CVE-2016-4706", "CVE-2016-4707", "CVE-2016-4708", "CVE-2016-4709", "CVE-2016-4710", "CVE-2016-4711", "CVE-2016-4712", "CVE-2016-4713", "CVE-2016-4715", "CVE-2016-4716", "CVE-2016-4717", "CVE-2016-4718", "CVE-2016-4722", "CVE-2016-4723", "CVE-2016-4724", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4727", "CVE-2016-4736", "CVE-2016-4738", "CVE-2016-4739", "CVE-2016-4742", "CVE-2016-4745", "CVE-2016-4748", "CVE-2016-4750", "CVE-2016-4752", "CVE-2016-4753", "CVE-2016-4755", "CVE-2016-4771", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4775", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778", "CVE-2016-4779", "CVE-2016-5131", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5773", "CVE-2016-6174", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297", "CVE-2016-7582"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "9620.PRM", "href": "https://www.tenable.com/plugins/nnm/9620", "sourceData": "Binary data 9620.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:54:16", "description": "The remote host is running a version of Mac OS X that is prior to 10.10.5, 10.11.x prior to 10.11.6, or is not macOS 10.12. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - apache\n - apache_mod_php\n - Apple HSSPI Support\n - AppleEFIRuntime\n - AppleMobileFileIntegrity\n - AppleUCC\n - Application Firewall\n - ATS\n - Audio\n - Bluetooth\n - cd9660\n - CFNetwork\n - CommonCrypto\n - CoreCrypto\n - CoreDisplay\n - curl\n - Date & Time Pref Pane\n - DiskArbitration\n - File Bookmark\n - FontParser\n - IDS - Connectivity\n - ImageIO\n - Intel Graphics Driver\n - IOAcceleratorFamily\n - IOThunderboltFamily\n - Kerberos v5 PAM module\n - Kernel\n - libarchive\n - libxml2\n - libxpc\n - libxslt\n - mDNSResponder\n - NSSecureTextField\n - Perl\n - S2 Camera\n - Security\n - Terminal\n - WindowServer\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {}, "published": "2016-09-23T00:00:00", "type": "nessus", "title": "macOS < 10.12 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0755", "CVE-2016-4617", "CVE-2016-4658", "CVE-2016-4682", "CVE-2016-4694", "CVE-2016-4696", "CVE-2016-4697", "CVE-2016-4698", "CVE-2016-4699", "CVE-2016-4700", "CVE-2016-4701", "CVE-2016-4702", "CVE-2016-4703", "CVE-2016-4706", "CVE-2016-4707", "CVE-2016-4708", "CVE-2016-4709", "CVE-2016-4710", "CVE-2016-4711", "CVE-2016-4712", "CVE-2016-4713", "CVE-2016-4715", "CVE-2016-4716", "CVE-2016-4717", "CVE-2016-4718", "CVE-2016-4722", "CVE-2016-4723", "CVE-2016-4724", "CVE-2016-4725", "CVE-2016-4726", "CVE-2016-4727", "CVE-2016-4736", "CVE-2016-4738", "CVE-2016-4739", "CVE-2016-4742", "CVE-2016-4745", "CVE-2016-4748", "CVE-2016-4750", "CVE-2016-4752", "CVE-2016-4753", "CVE-2016-4755", "CVE-2016-4771", "CVE-2016-4772", "CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4775", "CVE-2016-4776", "CVE-2016-4777", "CVE-2016-4778", "CVE-2016-4779", "CVE-2016-5131", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5773", "CVE-2016-6174", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297", "CVE-2016-7580", "CVE-2016-7582"], "modified": "2019-06-19T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_10_12.NASL", "href": "https://www.tenable.com/plugins/nessus/93685", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93685);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/06/19 15:17:43\");\n\n script_cve_id(\n \"CVE-2016-0755\",\n \"CVE-2016-4617\",\n \"CVE-2016-4658\",\n \"CVE-2016-4682\",\n \"CVE-2016-4694\",\n \"CVE-2016-4696\",\n \"CVE-2016-4697\",\n \"CVE-2016-4698\",\n \"CVE-2016-4699\",\n \"CVE-2016-4700\",\n \"CVE-2016-4701\",\n \"CVE-2016-4702\",\n \"CVE-2016-4703\",\n \"CVE-2016-4706\",\n \"CVE-2016-4707\",\n \"CVE-2016-4708\",\n \"CVE-2016-4709\",\n \"CVE-2016-4710\",\n \"CVE-2016-4711\",\n \"CVE-2016-4712\",\n \"CVE-2016-4713\",\n \"CVE-2016-4715\",\n \"CVE-2016-4716\",\n \"CVE-2016-4717\",\n \"CVE-2016-4718\",\n \"CVE-2016-4722\",\n \"CVE-2016-4723\",\n \"CVE-2016-4724\",\n \"CVE-2016-4725\",\n \"CVE-2016-4726\",\n \"CVE-2016-4727\",\n \"CVE-2016-4736\",\n \"CVE-2016-4738\",\n \"CVE-2016-4739\",\n \"CVE-2016-4742\",\n \"CVE-2016-4745\",\n \"CVE-2016-4748\",\n \"CVE-2016-4750\",\n \"CVE-2016-4752\",\n \"CVE-2016-4753\",\n \"CVE-2016-4755\",\n \"CVE-2016-4771\",\n \"CVE-2016-4772\",\n \"CVE-2016-4773\",\n \"CVE-2016-4774\",\n \"CVE-2016-4775\",\n \"CVE-2016-4776\",\n \"CVE-2016-4777\",\n \"CVE-2016-4778\",\n \"CVE-2016-4779\",\n \"CVE-2016-5131\",\n \"CVE-2016-5768\",\n \"CVE-2016-5769\",\n \"CVE-2016-5770\",\n \"CVE-2016-5771\",\n \"CVE-2016-5772\",\n \"CVE-2016-5773\",\n \"CVE-2016-6174\",\n \"CVE-2016-6288\",\n \"CVE-2016-6289\",\n \"CVE-2016-6290\",\n \"CVE-2016-6291\",\n \"CVE-2016-6292\",\n \"CVE-2016-6294\",\n \"CVE-2016-6295\",\n \"CVE-2016-6296\",\n \"CVE-2016-6297\",\n \"CVE-2016-7580\",\n \"CVE-2016-7582\"\n );\n script_bugtraq_id(\n 82307,\n 91396,\n 91397,\n 91398,\n 91399,\n 91401,\n 91403,\n 91732,\n 92053,\n 92073,\n 92074,\n 92078,\n 92094,\n 92095,\n 92097,\n 92099,\n 92111,\n 92115,\n 93054,\n 93055,\n 93056,\n 93059,\n 93060,\n 93063,\n 93852,\n 94434,\n 94435,\n 96329\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-09-20\");\n\n script_name(english:\"macOS < 10.12 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Mac OS X / macOS.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS update that fixes multiple security\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is prior to\n10.10.5, 10.11.x prior to 10.11.6, or is not macOS 10.12. It is,\ntherefore, affected by multiple vulnerabilities in the following\ncomponents :\n\n - apache\n - apache_mod_php\n - Apple HSSPI Support\n - AppleEFIRuntime\n - AppleMobileFileIntegrity\n - AppleUCC\n - Application Firewall\n - ATS\n - Audio\n - Bluetooth\n - cd9660\n - CFNetwork\n - CommonCrypto\n - CoreCrypto\n - CoreDisplay\n - curl\n - Date & Time Pref Pane\n - DiskArbitration\n - File Bookmark\n - FontParser\n - IDS - Connectivity\n - ImageIO\n - Intel Graphics Driver\n - IOAcceleratorFamily\n - IOThunderboltFamily\n - Kerberos v5 PAM module\n - Kernel\n - libarchive\n - libxml2\n - libxpc\n - libxslt\n - mDNSResponder\n - NSSecureTextField\n - Perl\n - S2 Camera\n - Security\n - Terminal\n - WindowServer\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207170\");\n # https://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c49c769b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS version 10.12 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4658\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"IPS Community Suite RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\nmatches = pregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(matches)) exit(1, \"Failed to parse the macOS / Mac OS X version ('\" + os + \"').\");\n\nversion = matches[1];\nfixed_version = \"10.12\";\n\n# Patches exist for OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6\n# https://support.apple.com/en-us/HT207275\n# Do NOT mark them as vuln\nif (\n # No 10.x patch below 10.10.5\n ver_compare(ver:version, fix:'10.10.5', strict:FALSE) == -1\n ||\n # No 10.11.x patch below 10.11.6\n (\n version =~\"^10\\.11($|[^0-9])\"\n &&\n ver_compare(ver:version, fix:'10.11.6', strict:FALSE) == -1\n )\n)\n{\n security_report_v4(\n port:0,\n severity:SECURITY_HOLE,\n extra:\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n'\n );\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"macOS / Mac OS X\", version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:07", "description": "It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 16.04 LTS. (CVE-2016-4448)\n\nIt was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2016-4658)\n\nNick Wellnhofer discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-5131).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-03-17T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS : libxml2 vulnerabilities (USN-3235-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4448", "CVE-2016-4658", "CVE-2016-5131"], "modified": "2023-10-23T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxml2", "p-cpe:/a:canonical:ubuntu_linux:libxml2-dev", "p-cpe:/a:canonical:ubuntu_linux:libxml2-udeb", "p-cpe:/a:canonical:ubuntu_linux:libxml2-utils", "p-cpe:/a:canonical:ubuntu_linux:python-libxml2", "cpe:/o:canonical:ubuntu_linux:14.04:-:lts", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts"], "id": "UBUNTU_USN-3235-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97793", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3235-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97793);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/23\");\n\n script_cve_id(\"CVE-2016-4448\", \"CVE-2016-4658\", \"CVE-2016-5131\");\n script_xref(name:\"USN\", value:\"3235-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS : libxml2 vulnerabilities (USN-3235-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"It was discovered that libxml2 incorrectly handled format strings. If\na user or automated system were tricked into opening a specially\ncrafted document, an attacker could possibly cause libxml2 to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 16.04 LTS. (CVE-2016-4448)\n\nIt was discovered that libxml2 incorrectly handled certain malformed\ndocuments. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could cause libxml2 to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2016-4658)\n\nNick Wellnhofer discovered that libxml2 incorrectly handled certain\nmalformed documents. If a user or automated system were tricked into\nopening a specially crafted document, an attacker could cause libxml2\nto crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2016-5131).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-3235-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4658\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('14.04' >< os_release || '16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04 / 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '14.04', 'pkgname': 'libxml2', 'pkgver': '2.9.1+dfsg1-3ubuntu4.9'},\n {'osver': '14.04', 'pkgname': 'libxml2-dev', 'pkgver': '2.9.1+dfsg1-3ubuntu4.9'},\n {'osver': '14.04', 'pkgname': 'libxml2-udeb', 'pkgver': '2.9.1+dfsg1-3ubuntu4.9'},\n {'osver': '14.04', 'pkgname': 'libxml2-utils', 'pkgver': '2.9.1+dfsg1-3ubuntu4.9'},\n {'osver': '14.04', 'pkgname': 'python-libxml2', 'pkgver': '2.9.1+dfsg1-3ubuntu4.9'},\n {'osver': '16.04', 'pkgname': 'libxml2', 'pkgver': '2.9.3+dfsg1-1ubuntu0.2'},\n {'osver': '16.04', 'pkgname': 'libxml2-dev', 'pkgver': '2.9.3+dfsg1-1ubuntu0.2'},\n {'osver': '16.04', 'pkgname': 'libxml2-udeb', 'pkgver': '2.9.3+dfsg1-1ubuntu0.2'},\n {'osver': '16.04', 'pkgname': 'libxml2-utils', 'pkgver': '2.9.3+dfsg1-1ubuntu0.2'},\n {'osver': '16.04', 'pkgname': 'python-libxml2', 'pkgver': '2.9.3+dfsg1-1ubuntu0.2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-dev / libxml2-udeb / libxml2-utils / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:34:54", "description": "Update to 2.9.7 which hopefully fixes all security issues\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-02-15T00:00:00", "type": "nessus", "title": "Fedora 26 : libxml2 (2018-a6b59d8f78)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131", "CVE-2017-8872", "CVE-2017-9047"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-A6B59D8F78.NASL", "href": "https://www.tenable.com/plugins/nessus/106828", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-a6b59d8f78.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106828);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-4658\", \"CVE-2016-5131\", \"CVE-2017-8872\", \"CVE-2017-9047\");\n script_xref(name:\"FEDORA\", value:\"2018-a6b59d8f78\");\n\n script_name(english:\"Fedora 26 : libxml2 (2018-a6b59d8f78)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.9.7 which hopefully fixes all security issues\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-a6b59d8f78\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"libxml2-2.9.7-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:32:33", "description": "Update to 2.9.7 which hopefully fixes all security issues\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-01-31T00:00:00", "type": "nessus", "title": "Fedora 27 : libxml2 (2018-db610fff5b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131", "CVE-2017-8872", "CVE-2017-9047"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-DB610FFF5B.NASL", "href": "https://www.tenable.com/plugins/nessus/106521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-db610fff5b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106521);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-4658\", \"CVE-2016-5131\", \"CVE-2017-8872\", \"CVE-2017-9047\");\n script_xref(name:\"FEDORA\", value:\"2018-db610fff5b\");\n\n script_name(english:\"Fedora 27 : libxml2 (2018-db610fff5b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.9.7 which hopefully fixes all security issues\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-db610fff5b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"libxml2-2.9.7-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:21", "description": "According to the version of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-02-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libxslt (EulerOS-SA-2021-1211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-02-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1211.NASL", "href": "https://www.tenable.com/plugins/nessus/146123", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146123);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/08\");\n\n script_cve_id(\n \"CVE-2016-4738\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libxslt (EulerOS-SA-2021-1211)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS\n before 10, and watchOS before 3 allows remote attackers\n to execute arbitrary code or cause a denial of service\n (memory corruption) via a crafted web\n site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1211\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f428851e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h8.eulerosv2r7\",\n \"libxslt-devel-1.1.28-5.h8.eulerosv2r7\",\n \"libxslt-python-1.1.28-5.h8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:50", "description": "According to the version of the libxslt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-03-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : libxslt (EulerOS-SA-2021-1496)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-03-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2021-1496.NASL", "href": "https://www.tenable.com/plugins/nessus/147117", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147117);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/08\");\n\n script_cve_id(\n \"CVE-2016-4738\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : libxslt (EulerOS-SA-2021-1496)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libxslt packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS\n before 10, and watchOS before 3 allows remote attackers\n to execute arbitrary code or cause a denial of service\n (memory corruption) via a crafted web\n site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1496\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c174bd4a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h8.eulerosv2r7\",\n \"libxslt-devel-1.1.28-5.h8.eulerosv2r7\",\n \"libxslt-python-1.1.28-5.h8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:14", "description": "According to the version of the libxslt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : libxslt (EulerOS-SA-2021-1442)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-03-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2021-1442.NASL", "href": "https://www.tenable.com/plugins/nessus/147590", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147590);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/16\");\n\n script_cve_id(\n \"CVE-2016-4738\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : libxslt (EulerOS-SA-2021-1442)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libxslt packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS\n before 10, and watchOS before 3 allows remote attackers\n to execute arbitrary code or cause a denial of service\n (memory corruption) via a crafted web site.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1442\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6a60f34\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h8.eulerosv2r7\",\n \"libxslt-python-1.1.28-5.h8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:31:09", "description": "According to the version of the libxslt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-07-02T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libxslt (EulerOS-SA-2021-2080)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2080.NASL", "href": "https://www.tenable.com/plugins/nessus/151326", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151326);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2016-4738\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libxslt (EulerOS-SA-2021-2080)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libxslt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS\n before 10, and watchOS before 3 allows remote attackers\n to execute arbitrary code or cause a denial of service\n (memory corruption) via a crafted web\n site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2080\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0ac9ea9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h8\",\n \"libxslt-python-1.1.28-5.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:28", "description": "A heap overread bug was found in libxslt, which can cause arbitrary code execution or denial of service.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1.1.26-14.1+deb7u2.\n\nWe recommend that you upgrade your libxslt packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-11-07T00:00:00", "type": "nessus", "title": "Debian DLA-700-1 : libxslt security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxslt1-dbg", "p-cpe:/a:debian:debian_linux:libxslt1-dev", "p-cpe:/a:debian:debian_linux:libxslt1.1", "p-cpe:/a:debian:debian_linux:python-libxslt1", "p-cpe:/a:debian:debian_linux:python-libxslt1-dbg", "p-cpe:/a:debian:debian_linux:xsltproc", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-700.NASL", "href": "https://www.tenable.com/plugins/nessus/94583", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-700-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94583);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4738\");\n\n script_name(english:\"Debian DLA-700-1 : libxslt security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap overread bug was found in libxslt, which can cause arbitrary\ncode execution or denial of service.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.1.26-14.1+deb7u2.\n\nWe recommend that you upgrade your libxslt packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/11/msg00008.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libxslt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxslt1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxslt1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxslt1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxslt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxslt1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xsltproc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxslt1-dbg\", reference:\"1.1.26-14.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxslt1-dev\", reference:\"1.1.26-14.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxslt1.1\", reference:\"1.1.26-14.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxslt1\", reference:\"1.1.26-14.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxslt1-dbg\", reference:\"1.1.26-14.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xsltproc\", reference:\"1.1.26-14.1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:17", "description": "According to the version of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-02-22T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : libxslt (EulerOS-SA-2021-1324)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-02-24T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1324.NASL", "href": "https://www.tenable.com/plugins/nessus/146663", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146663);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/24\");\n\n script_cve_id(\n \"CVE-2016-4738\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libxslt (EulerOS-SA-2021-1324)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS\n before 10, and watchOS before 3 allows remote attackers\n to execute arbitrary code or cause a denial of service\n (memory corruption) via a crafted web\n site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1324\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?281749c4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h8\",\n \"libxslt-devel-1.1.28-5.h8\",\n \"libxslt-python-1.1.28-5.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:25", "description": "According to the version of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-01-20T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2021-1094)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-01-22T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1094.NASL", "href": "https://www.tenable.com/plugins/nessus/145183", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145183);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/22\");\n\n script_cve_id(\n \"CVE-2016-4738\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2021-1094)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - libxslt in Apple iOS before 10, OS X before 10.12, tvOS\n before 10, and watchOS before 3 allows remote attackers\n to execute arbitrary code or cause a denial of service\n (memory corruption) via a crafted web\n site.(CVE-2016-4738)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1094\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?22c37789\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h8\",\n \"libxslt-devel-1.1.28-5.h8\",\n \"libxslt-python-1.1.28-5.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:29", "description": "Nick Wellnhofer discovered that the xsltFormatNumberConversion function in libxslt, an XSLT processing runtime library, does not properly check for a zero byte terminating the pattern string. This flaw can be exploited to leak a couple of bytes after the buffer that holds the pattern string.", "cvss3": {}, "published": "2016-11-09T00:00:00", "type": "nessus", "title": "Debian DSA-3709-1 : libxslt - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxslt", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3709.NASL", "href": "https://www.tenable.com/plugins/nessus/94645", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3709. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94645);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4738\");\n script_xref(name:\"DSA\", value:\"3709\");\n\n script_name(english:\"Debian DSA-3709-1 : libxslt - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Nick Wellnhofer discovered that the xsltFormatNumberConversion\nfunction in libxslt, an XSLT processing runtime library, does not\nproperly check for a zero byte terminating the pattern string. This\nflaw can be exploited to leak a couple of bytes after the buffer that\nholds the pattern string.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842570\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libxslt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3709\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxslt packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.1.28-2+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libxslt1-dbg\", reference:\"1.1.28-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxslt1-dev\", reference:\"1.1.28-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxslt1.1\", reference:\"1.1.28-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxslt1\", reference:\"1.1.28-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxslt1-dbg\", reference:\"1.1.28-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xsltproc\", reference:\"1.1.28-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:55:24", "description": "This update for libxml2 fixes the following issues :\n\n - CVE-2016-4658: Use after free via namespace node in XPointer ranges (bsc#1005544).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-10-27T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:2650-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2", "p-cpe:/a:novell:suse_linux:libxml2-2", "p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo", "p-cpe:/a:novell:suse_linux:libxml2-debugsource", "p-cpe:/a:novell:suse_linux:libxml2-tools", "p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2", "p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2650-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2650-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94319);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-4658\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:2650-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libxml2 fixes the following issues :\n\n - CVE-2016-4658: Use after free via namespace node in\n XPointer ranges (bsc#1005544).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4658/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162650-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a989c7fd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2016-1555=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1555=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1555=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-debuginfo-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-debugsource-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-tools-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-tools-debuginfo-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-debuginfo-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-debugsource-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-32bit-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-debugsource-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-tools-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-tools-debuginfo-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-debuginfo-2.9.1-26.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-debugsource-2.9.1-26.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:38", "description": "This update for libxml2 fixes the following issues :\n\n - CVE-2016-4658: Use after free via namespace node in XPointer ranges (bsc#1005544).\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2016-11-04T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2016-1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2", "p-cpe:/a:novell:opensuse:python-libxml2-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-debugsource", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1259.NASL", "href": "https://www.tenable.com/plugins/nessus/94529", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1259.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94529);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-4658\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2016-1259)\");\n script_summary(english:\"Check for the openSUSE-2016-1259 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libxml2 fixes the following issues :\n\n - CVE-2016-4658: Use after free via namespace node in\n XPointer ranges (bsc#1005544).\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005544\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-2-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-2-debuginfo-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-debugsource-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-devel-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-tools-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-tools-debuginfo-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-debuginfo-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-debugsource-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.1-22.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:37", "description": "This update for libxml2 fixes the following issues :\n\n - CVE-2016-4658: libxml2 allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document (boo#1005544).", "cvss3": {}, "published": "2016-11-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2016-1265)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2", "p-cpe:/a:novell:opensuse:python-libxml2-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-debugsource", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1265.NASL", "href": "https://www.tenable.com/plugins/nessus/94598", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1265.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94598);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-4658\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2016-1265)\");\n script_summary(english:\"Check for the openSUSE-2016-1265 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libxml2 fixes the following issues :\n\n - CVE-2016-4658: libxml2 allowed remote attackers to\n execute arbitrary code or cause a denial of service\n (memory corruption) via a crafted XML document\n (boo#1005544).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005544\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-2-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-2-debuginfo-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-debugsource-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-devel-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-tools-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-tools-debuginfo-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-debuginfo-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-debugsource-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.4-7.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.4-7.20.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:24:05", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3810 advisory.\n\n - libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-13T00:00:00", "type": "nessus", "title": "RHEL 7 : libxml2 (RHSA-2021:3810)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:libxml2-python", "p-cpe:/a:redhat:enterprise_linux:libxml2-static"], "id": "REDHAT-RHSA-2021-3810.NASL", "href": "https://www.tenable.com/plugins/nessus/154074", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3810. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154074);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\"CVE-2016-4658\");\n script_xref(name:\"RHSA\", value:\"2021:3810\");\n\n script_name(english:\"RHEL 7 : libxml2 (RHSA-2021:3810)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:3810 advisory.\n\n - libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2016-4658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1384424\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4658\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-static\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libxml2-2.9.1-6.el7_9.6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.el7_9.6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.el7_9.6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.el7_9.6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.el7_9.6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.el7_9.6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.el7_9.6', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / libxml2-python / libxml2-static');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:49", "description": "The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3810 advisory.\n\n - libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-17T00:00:00", "type": "nessus", "title": "CentOS 7 : libxml2 (CESA-2021:3810)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658"], "modified": "2021-11-17T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxml2", "p-cpe:/a:centos:centos:libxml2-devel", "p-cpe:/a:centos:centos:libxml2-python", "p-cpe:/a:centos:centos:libxml2-static", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2021-3810.NASL", "href": "https://www.tenable.com/plugins/nessus/155543", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3810 and\n# CentOS Errata and Security Advisory 2021:3810 respectively.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155543);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/17\");\n\n script_cve_id(\"CVE-2016-4658\");\n script_xref(name:\"RHSA\", value:\"2021:3810\");\n\n script_name(english:\"CentOS 7 : libxml2 (CESA-2021:3810)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2021:3810 advisory.\n\n - libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2021-November/048378.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fe8fe227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4658\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'libxml2-2.9.1-6.el7_9.6', 'sp':'9', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.1-6.el7_9.6', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.el7_9.6', 'sp':'9', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.el7_9.6', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.el7_9.6', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.el7_9.6', 'sp':'9', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.el7_9.6', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / libxml2-python / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:07", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxml2 packages installed that are affected by a vulnerability:\n\n - xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. (CVE-2016-4658)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : libxml2 Vulnerability (NS-SA-2022-0015)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4658"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:libxml2", "p-cpe:/a:zte:cgsl_core:libxml2-debuginfo", "p-cpe:/a:zte:cgsl_core:libxml2-devel", "p-cpe:/a:zte:cgsl_core:libxml2-python", "p-cpe:/a:zte:cgsl_core:libxml2-static", "p-cpe:/a:zte:cgsl_main:libxml2", "p-cpe:/a:zte:cgsl_main:libxml2-debuginfo", "p-cpe:/a:zte:cgsl_main:libxml2-devel", "p-cpe:/a:zte:cgsl_main:libxml2-python", "p-cpe:/a:zte:cgsl_main:libxml2-static", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2022-0015_LIBXML2.NASL", "href": "https://www.tenable.com/plugins/nessus/160782", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2022-0015. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160782);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\"CVE-2016-4658\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : libxml2 Vulnerability (NS-SA-2022-0015)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxml2 packages installed that are affected\nby a vulnerability:\n\n - xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and\n watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows\n remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory\n corruption) via a crafted XML document. (CVE-2016-4658)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2022-0015\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2016-4658\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL libxml2 packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4658\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.04': [\n 'libxml2-2.9.1-6.el7_9.6',\n 'libxml2-debuginfo-2.9.1-6.el7_9.6',\n 'libxml2-devel-2.9.1-6.el7_9.6',\n 'libxml2-python-2.9.1-6.el7_9.6',\n 'libxml2-static-2.9.1-6.el7_9.6'\n ],\n 'CGSL MAIN 5.04': [\n 'libxml2-2.9.1-6.el7_9.6',\n 'libxml2-debuginfo-2.9.1-6.el7_9.6',\n 'libxml2-devel-2.9.1-6.el7_9.6',\n 'libxml2-python-2.9.1-6.el7_9.6',\n 'libxml2-static-2.9.1-6.el7_9.6'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2019-07-17T14:25:03", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-28T00:00:00", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities September16 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4762", "CVE-2016-4767", "CVE-2016-4734", "CVE-2016-4759", "CVE-2016-4733", "CVE-2016-4730", "CVE-2016-4737", "CVE-2016-4769", "CVE-2016-4731", "CVE-2016-4768", "CVE-2016-4728", "CVE-2016-4751", "CVE-2016-4618", "CVE-2016-4729", "CVE-2016-4611", "CVE-2016-4758", "CVE-2016-4763", "CVE-2016-4766", "CVE-2016-4735", "CVE-2016-4760", "CVE-2016-4765"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310807889", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807889", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities September16 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807889\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2016-4618\", \"CVE-2016-4751\", \"CVE-2016-4728\", \"CVE-2016-4758\",\n \"CVE-2016-4611\", \"CVE-2016-4729\", \"CVE-2016-4730\", \"CVE-2016-4731\",\n \"CVE-2016-4734\", \"CVE-2016-4735\", \"CVE-2016-4737\", \"CVE-2016-4759\",\n \"CVE-2016-4762\", \"CVE-2016-4766\", \"CVE-2016-4767\", \"CVE-2016-4768\",\n \"CVE-2016-4769\", \"CVE-2016-4760\", \"CVE-2016-4733\", \"CVE-2016-4765\",\n \"CVE-2016-4763\");\n script_bugtraq_id(93053, 93057, 93067, 93066, 93065, 93064, 93062, 93058);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-28 12:58:27 +0530 (Wed, 28 Sep 2016)\");\n script_name(\"Apple Safari Multiple Vulnerabilities September16 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A state management issue in the handling of tab sessions.\n\n - Multiple input validation issues.\n\n - A parsing issue in the handling of error prototypes.\n\n - A permissions issue in the handling of the location variable.\n\n - Multiple memory corruption issues.\n\n - An error in safari's support of HTTP/0.9.\n\n - A certificate validation issue in the handling of WKWebView.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct cross-site scripting attacks, spoofing attacks, arbitrary\n code execution, access to potentially sensitive data, intercept and alter\n network traffic.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 10\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari version 10 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207157\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!safVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:safVer, test_version:\"10\"))\n{\n report = report_fixed_ver(installed_version:safVer, fixed_version:\"10\");\n security_message(data:report);\n exit(0);\n}\n\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-03T20:51:23", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-28T00:00:00", "type": "openvas", "title": "Apple iTunes Multiple Vulnerabilities Sep16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4762", "CVE-2016-4767", "CVE-2016-4759", "CVE-2016-4769", "CVE-2016-4768", "CVE-2016-4728", "CVE-2016-4758", "CVE-2016-4763", "CVE-2016-4766", "CVE-2016-4760", "CVE-2016-4765"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310807890", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807890", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Multiple Vulnerabilities Sep16 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807890\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2016-4728\", \"CVE-2016-4758\", \"CVE-2016-4759\", \"CVE-2016-4762\",\n \"CVE-2016-4766\", \"CVE-2016-4767\", \"CVE-2016-4768\", \"CVE-2016-4760\",\n \"CVE-2016-4765\", \"CVE-2016-4763\", \"CVE-2016-4769\");\n script_bugtraq_id(93064, 93066, 93067, 93062);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-09-28 15:03:42 +0530 (Wed, 28 Sep 2016)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities Sep16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - A parsing issue in the handling of error prototypes.\n\n - A permissions issue in the handling of the location variable.\n\n - Multiple memory corruption issues.\n\n - Cross-protocol exploitation of non-HTTP services using DNS rebinding.\n\n - A certificate validation issue in the handling of WKWebView.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code, intercept and alter network traffic, access\n non-HTTP services and gain access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.5.1\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.5.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207158\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.5.1\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"12.5.1\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for webkit2gtk USN-3166-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4762", "CVE-2016-4767", "CVE-2016-4734", "CVE-2016-4761", "CVE-2016-4759", "CVE-2016-4733", "CVE-2016-7578", "CVE-2016-4769", "CVE-2016-4768", "CVE-2016-4728", "CVE-2016-4613", "CVE-2016-4707", "CVE-2016-4764", "CVE-2016-4735", "CVE-2016-4760", "CVE-2016-4657", "CVE-2016-4666", "CVE-2016-4765"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for webkit2gtk USN-3166-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843008\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:31 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4613\", \"CVE-2016-4657\", \"CVE-2016-4666\", \"CVE-2016-4707\",\n\t\t\"CVE-2016-4728\", \"CVE-2016-4733\", \"CVE-2016-4734\", \"CVE-2016-4735\",\n\t\t\"CVE-2016-4759\", \"CVE-2016-4760\", \"CVE-2016-4761\", \"CVE-2016-4762\",\n\t\t\"CVE-2016-4764\", \"CVE-2016-4765\", \"CVE-2016-4767\", \"CVE-2016-4768\",\n\t\t\"CVE-2016-4769\", \"CVE-2016-7578\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for webkit2gtk USN-3166-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A large number of security issues were\n discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked\n into viewing a malicious website, a remote attacker could exploit a variety of\n issues related to web browser security, including cross-site scripting attacks,\n denial of service attacks, and arbitrary code execution.\");\n script_tag(name:\"affected\", value:\"webkit2gtk on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3166-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3166-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libjavascriptcoregtk-4.0-18\", ver:\"2.14.2-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-37\", ver:\"2.14.2-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:01", "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-28T00:00:00", "type": "openvas", "title": "Apple Mac OS X Multiple Vulnerabilities-01 September-2016", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4727", "CVE-2016-5771", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-4713", "CVE-2016-4750", "CVE-2016-4716", "CVE-2016-4703", "CVE-2016-5772", "CVE-2016-4722", "CVE-2016-4753", "CVE-2016-4752", "CVE-2016-4773", "CVE-2016-4694", "CVE-2016-4696", "CVE-2016-4701", "CVE-2016-0755", "CVE-2016-4715", "CVE-2016-4712", "CVE-2016-4708", "CVE-2016-4709", "CVE-2016-4748", "CVE-2016-4755", "CVE-2016-5770", "CVE-2016-5768", "CVE-2016-4717", "CVE-2016-4710", "CVE-2016-4745", "CVE-2016-4776", "CVE-2016-6174", "CVE-2016-4711", "CVE-2016-4699", "CVE-2016-6295", "CVE-2016-4697", "CVE-2016-6297", "CVE-2016-4739", "CVE-2016-6292", "CVE-2016-4698", "CVE-2016-4736", "CVE-2016-4707", "CVE-2016-5131", "CVE-2016-6289", "CVE-2016-4718", "CVE-2016-4777", "CVE-2016-4738", "CVE-2016-4723", "CVE-2016-4724", "CVE-2016-5769", "CVE-2016-6294", "CVE-2016-4725", "CVE-2016-4742", "CVE-2016-4706", "CVE-2016-5773", "CVE-2016-4772", "CVE-2016-4779", "CVE-2016-4771", "CVE-2016-4726", "CVE-2016-4658", "CVE-2016-4700", "CVE-2016-4775", "CVE-2016-6291", "CVE-2016-4774", "CVE-2016-4778", "CVE-2016-4702", "CVE-2016-6296"], "modified": "2019-05-03T00:00:00", "id": "OPENVAS:1361412562310807888", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807888", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Mac OS X Multiple Vulnerabilities-01 September-2016\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807888\");\n script_version(\"2019-05-03T08:55:39+0000\");\n script_cve_id(\"CVE-2016-4694\", \"CVE-2016-5768\", \"CVE-2016-5769\", \"CVE-2016-5770\",\n \"CVE-2016-5771\", \"CVE-2016-5772\", \"CVE-2016-5773\", \"CVE-2016-6174\",\n \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\",\n \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\",\n \"CVE-2016-6297\", \"CVE-2016-4697\", \"CVE-2016-4696\", \"CVE-2016-4698\",\n \"CVE-2016-4699\", \"CVE-2016-4700\", \"CVE-2016-4701\", \"CVE-2016-4779\",\n \"CVE-2016-4702\", \"CVE-2016-4703\", \"CVE-2016-4706\", \"CVE-2016-4707\",\n \"CVE-2016-4708\", \"CVE-2016-4711\", \"CVE-2016-4712\", \"CVE-2016-4713\",\n \"CVE-2016-0755\", \"CVE-2016-4715\", \"CVE-2016-4716\", \"CVE-2016-4717\",\n \"CVE-2016-4718\", \"CVE-2016-4722\", \"CVE-2016-4723\", \"CVE-2016-4724\",\n \"CVE-2016-4725\", \"CVE-2016-4726\", \"CVE-2016-4727\", \"CVE-2016-4745\",\n \"CVE-2016-4771\", \"CVE-2016-4772\", \"CVE-2016-4773\", \"CVE-2016-4774\",\n \"CVE-2016-4776\", \"CVE-2016-4775\", \"CVE-2016-4777\", \"CVE-2016-4778\",\n \"CVE-2016-4736\", \"CVE-2016-4658\", \"CVE-2016-5131\", \"CVE-2016-4738\",\n \"CVE-2016-4739\", \"CVE-2016-4742\", \"CVE-2016-4748\", \"CVE-2016-4750\",\n \"CVE-2016-4752\", \"CVE-2016-4753\", \"CVE-2016-4755\", \"CVE-2016-4709\",\n \"CVE-2016-4710\");\n script_bugtraq_id(93063, 91396, 92074, 92073, 93054, 93055, 92095, 92094, 92097,\n 93059, 92078, 92053, 91732, 91399, 91398, 91397, 92099, 82307,\n 92111, 91403, 92115, 91401, 93060, 93056);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 08:55:39 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-28 12:22:55 +0530 (Wed, 28 Sep 2016)\");\n script_name(\"Apple Mac OS X Multiple Vulnerabilities-01 September-2016\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists. For details\n refer the reference links.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to execute arbitrary code or cause a denial of service (memory corruption),\n gain access to potentially sensitive information, bypass certain protection\n mechanism and have other impacts.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X versions 10.7.5 through 10.11.x\n prior to 10.12\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X version\n 10.12 or later. Please see the references for more information.\n\n Note: According to the vendor an upgrade to version 10.12 is required to\n mitigate this vulnerabilities. Please see the advisory (HT207170) for more info.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207170\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.([7-9]|1[01])\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(\"Mac OS X\" >< osName && osVer =~ \"^10\\.([7-9]|1[01])\"){\n if(version_in_range(version:osVer, test_version: \"10.7.5\", test_version2:\"10.11.6\")){\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"According to the vendor an upgrade to version 10.12 is required to mitigate this vulnerabilities. Please see the advisory (HT207170) for more info.\");\n security_message(port:0, data:report);\n exit(0);\n }\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:54:49", "description": "Several vulnerabilities were discovered\nin libxml2, a library providing support to read, modify and write XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML file that,\nwhen processed by an application using libxml2, would cause a denial-of-service\nagainst the application, or potentially, the execution of arbitrary code with\nthe privileges of the user running the application.", "cvss3": {}, "published": "2016-12-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3744-1 (libxml2 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5131", "CVE-2016-4658"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703744", "href": "http://plugins.openvas.org/nasl.php?oid=703744", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3744.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3744-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703744);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-4658\", \"CVE-2016-5131\");\n script_name(\"Debian Security Advisory DSA 3744-1 (libxml2 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-12-23 00:00:00 +0100 (Fri, 23 Dec 2016)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3744.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libxml2 on Debian Linux\");\n script_tag(name: \"insight\", value: \"XML is a metalanguage to let you\ndesign your own markup language. A regular markup language defines a way to\ndescribe information in a certain class of documents (eg HTML). XML lets you\ndefine your own customized markup languages for many classes of document. It\ncan do this because it's written in SGML, the international standard\nmetalanguage for markup languages.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 2.9.1+dfsg1-5+deb8u4.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.4+dfsg1-2.1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.4+dfsg1-2.1.\n\nWe recommend that you upgrade your libxml2 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered\nin libxml2, a library providing support to read, modify and write XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML file that,\nwhen processed by an application using libxml2, would cause a denial-of-service\nagainst the application, or potentially, the execution of arbitrary code with\nthe privileges of the user running the application.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxml2-dbg:amd64\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dbg:i386\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxml2-dev:amd64\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dev:i386\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxml2-dbg:amd64\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dbg:i386\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxml2-dev:amd64\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dev:i386\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-libxml2\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-libxml2-dbg\", ver:\"2.9.4+dfsg1-2.1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:25", "description": "Several vulnerabilities were discovered\nin libxml2, a library providing support to read, modify and write XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML file that,\nwhen processed by an application using libxml2, would cause a denial-of-service\nagainst the application, or potentially, the execution of arbitrary code with\nthe privileges of the user running the application.", "cvss3": {}, "published": "2016-12-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3744-1 (libxml2 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5131", "CVE-2016-4658"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703744", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703744", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3744.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3744-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703744\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-4658\", \"CVE-2016-5131\");\n script_name(\"Debian Security Advisory DSA 3744-1 (libxml2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-23 00:00:00 +0100 (Fri, 23 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3744.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(8|9)\");\n script_tag(name:\"affected\", value:\"libxml2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 2.9.1+dfsg1-5+deb8u4.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.4+dfsg1-2.1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.4+dfsg1-2.1.\n\nWe recommend that you upgrade your libxml2 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered\nin libxml2, a library providing support to read, modify and write XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML file that,\nwhen processed by an application using libxml2, would cause a denial-of-service\nagainst the application, or potentially, the execution of arbitrary code with\nthe privileges of the user running the application.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxml2-dbg:amd64\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dbg:i386\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxml2-dev:amd64\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dev:i386\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.9.1+dfsg1-5+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxml2-dbg:amd64\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dbg:i386\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxml2-dev:amd64\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-dev:i386\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxml2-doc\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml2-utils-dbg\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxml2-dbg\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-libxml2\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-libxml2-dbg\", ver:\"2.9.4+dfsg1-2.1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for libxml2 USN-3235-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4448", "CVE-2016-5131", "CVE-2016-4658"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843097", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843097", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for libxml2 USN-3235-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843097\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-17 06:32:18 +0100 (Fri, 17 Mar 2017)\");\n script_cve_id(\"CVE-2016-4448\", \"CVE-2016-4658\", \"CVE-2016-5131\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for libxml2 USN-3235-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxml2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that libxml2 incorrectly\n handled format strings. If a user or automated system were tricked into opening\n a specially crafted document, an attacker could possibly cause libxml2 to crash,\n resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS,\n Ubuntu 14.04 LTS, and Ubuntu 16.04 LTS. (CVE-2016-4448) It was discovered that\n libxml2 incorrectly handled certain malformed documents. If a user or automated\n system were tricked into opening a specially crafted document, an attacker could\n cause libxml2 to crash, resulting in a denial of service, or possibly execute\n arbitrary code. (CVE-2016-4658) Nick Wellnhofer discovered that libxml2\n incorrectly handled certain malformed documents. If a user or automated system\n were tricked into opening a specially crafted document, an attacker could cause\n libxml2 to crash, resulting in a denial of service, or possibly execute\n arbitrary code. (CVE-2016-5131)\");\n script_tag(name:\"affected\", value:\"libxml2 on Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3235-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3235-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.10|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.1+dfsg1-3ubuntu4.9\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.1+dfsg1-3ubuntu4.9\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.4+dfsg1-2ubuntu0.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.4+dfsg1-2ubuntu0.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.7.8.dfsg-5.1ubuntu4.17\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.7.8.dfsg-5.1ubuntu4.17\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxml2:i386\", ver:\"2.9.3+dfsg1-1ubuntu0.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxml2:amd64\", ver:\"2.9.3+dfsg1-1ubuntu0.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:54:45", "description": "Nick Wellnhofer discovered that the\nxsltFormatNumberConversion function in libxslt, an XSLT processing runtime library,\ndoes not properly check for a zero byte terminating the pattern string. This flaw\ncan be exploited to leak a couple of bytes after the buffer that holds the\npattern string.", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3709-1 (libxslt - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703709", "href": "http://plugins.openvas.org/nasl.php?oid=703709", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3709.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3709-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703709);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-4738\");\n script_name(\"Debian Security Advisory DSA 3709-1 (libxslt - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:18 +0530 (Mon, 14 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3709.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libxslt on Debian Linux\");\n script_tag(name: \"insight\", value: \"XSLT is an XML language for defining\ntransformations of XML files from XML to some other arbitrary format, such as\nXML, HTML, plain text, etc. using standard XSLT stylesheets. libxslt is a C\nlibrary which implements XSLT version 1.0.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 1.1.28-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1.1.29-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.29-2.\n\nWe recommend that you upgrade your libxslt packages.\");\n script_tag(name: \"summary\", value: \"Nick Wellnhofer discovered that the\nxsltFormatNumberConversion function in libxslt, an XSLT processing runtime library,\ndoes not properly check for a zero byte terminating the pattern string. This flaw\ncan be exploited to leak a couple of bytes after the buffer that holds the\npattern string.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxslt1-dbg:amd64\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxslt1-dbg:i386\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxslt1-dev:amd64\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxslt1-dev:i386\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxslt1.1:amd64\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxslt1.1:i386\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"python-libxslt1\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxslt1-dbg\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xsltproc\", ver:\"1.1.29-2\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxslt1-dbg:amd64\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxslt1-dbg:i386\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxslt1-dev:amd64\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxslt1-dev:i386\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libxslt1.1:amd64\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxslt1.1:i386\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"python-libxslt1\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libxslt1-dbg\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xsltproc\", ver:\"1.1.28-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:32", "description": "Nick Wellnhofer discovered that the\nxsltFormatNumberConversion function in libxslt, an XSLT processing runtime library,\ndoes not properly check for a zero byte terminating the pattern string. This flaw\ncan be exploited to leak a couple of bytes after the buffer that holds the\npattern string.", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3709-1 (libxslt - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4738"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703709", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703709", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3709.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3709-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703709\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-4738\");\n script_name(\"Debian Security Advisory DSA 3709-1 (libxslt - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:18 +0530 (Mon, 14 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3709.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"libxslt on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 1.1.28-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1.1.29-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.29-2.\n\nWe recommend that you upgrade your libxslt packages.\");\n script_tag(name:\"summary\", value:\"Nick Wellnhofer discovered that the\nxsltFormatNumberConversion function in libxslt, an XSLT processing runtime library,\ndoes not properly check for a zero byte terminating the pattern string. This flaw\ncan be exploited to leak a couple of bytes after the buffer that holds the\npattern string.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libxslt1-dbg:amd64\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxslt1-dbg:i386\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxslt1-dev:amd64\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxslt1-dev:i386\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxslt1.1:amd64\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxslt1.1:i386\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"python-libxslt1\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxslt1-dbg\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xsltproc\", ver:\"1.1.29-2\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxslt1-dbg:amd64\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxslt1-dbg:i386\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxslt1-dev:amd64\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxslt1-dev:i386\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libxslt1.1:amd64\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxslt1.1:i386\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"python-libxslt1\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libxslt1-dbg\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xsltproc\", ver:\"1.1.28-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2023-12-08T23:54:38", "description": "### *Detect date*:\n09/25/2016\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information.\n\n### *Affected products*:\nApple iTunes versions earlier than 12.5.1 on Windows\n\n### *Solution*:\nUpdate to the latest version \n[Get iTunes](<http://www.apple.com/itunes/>)\n\n### *Original advisories*:\n[Apple advisory](<https://support.apple.com/en-us/HT207158>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2016-4769](<https://vulners.com/cve/CVE-2016-4769>)6.8High \n[CVE-2016-4768](<https://vulners.com/cve/CVE-2016-4768>)6.8High \n[CVE-2016-4767](<https://vulners.com/cve/CVE-2016-4767>)6.8High \n[CVE-2016-4766](<https://vulners.com/cve/CVE-2016-4766>)6.8High \n[CVE-2016-4765](<https://vulners.com/cve/CVE-2016-4765>)6.8High \n[CVE-2016-4763](<https://vulners.com/cve/CVE-2016-4763>)4.9Warning \n[CVE-2016-4762](<https://vulners.com/cve/CVE-2016-4762>)6.8High \n[CVE-2016-4760](<https://vulners.com/cve/CVE-2016-4760>)4.3Warning \n[CVE-2016-4759](<https://vulners.com/cve/CVE-2016-4759>)6.8High \n[CVE-2016-4758](<https://vulners.com/cve/CVE-2016-4758>)4.3Warning", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "kaspersky", "title": "KLA10877 Multiple vulnerabilities in iTunes", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4762", "CVE-2016-4763", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769"], "modified": "2020-06-03T00:00:00", "id": "KLA10877", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10877/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T03:34:10", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T17:38:00", "id": "PRION:CVE-2016-4766", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4766", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:34:11", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T18:26:00", "id": "PRION:CVE-2016-4765", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4765", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:34:09", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T18:28:00", "id": "PRION:CVE-2016-4759", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4759", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:34:11", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T18:29:00", "id": "PRION:CVE-2016-4768", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4768", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:34:11", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-13T14:10:00", "id": "PRION:CVE-2016-4767", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4767", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:33:52", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-13T13:27:00", "id": "PRION:CVE-2016-4611", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4611", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:34:07", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-11T18:17:00", "id": "PRION:CVE-2016-4730", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4730", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:06", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-13T13:31:00", "id": "PRION:CVE-2016-4735", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4735", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:07", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-13T13:40:00", "id": "PRION:CVE-2016-4733", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4733", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:07", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-12T19:30:00", "id": "PRION:CVE-2016-4734", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4734", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:11", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Out-of-bounds", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4776"], "modified": "2019-03-13T15:05:00", "id": "PRION:CVE-2016-4776", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4776", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-11-22T03:34:11", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Out-of-bounds", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4776"], "modified": "2019-03-13T14:00:00", "id": "PRION:CVE-2016-4773", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4773", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-11-22T03:34:11", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Out-of-bounds", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4776"], "modified": "2019-03-13T14:58:00", "id": "PRION:CVE-2016-4774", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4774", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-11-22T03:34:06", "description": "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4731.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4729", "CVE-2016-4731"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4729", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4729", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:06", "description": "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4729.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4729", "CVE-2016-4731"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4731", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4731", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:39:29", "description": "An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the \"Springboard\" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-20T08:59:00", "type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7759"], "modified": "2017-02-22T15:11:00", "id": "PRION:CVE-2016-7759", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-7759", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:07", "description": "The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-18T22:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4741"], "modified": "2017-08-13T01:29:00", "id": "PRION:CVE-2016-4741", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4741", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T03:34:05", "description": "CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Out-of-bounds", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4712"], "modified": "2019-03-13T13:39:00", "id": "PRION:CVE-2016-4712", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4712", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:05", "description": "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4725"], "modified": "2019-03-13T15:06:00", "id": "PRION:CVE-2016-4725", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4725", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-11-22T03:34:05", "description": "The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Spoofing", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4722"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4722", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4722", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-11-22T03:34:04", "description": "CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4708"], "modified": "2019-03-13T14:31:00", "id": "PRION:CVE-2016-4708", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4708", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:10", "description": "Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4753"], "modified": "2019-03-13T14:14:00", "id": "PRION:CVE-2016-4753", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4753", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:09", "description": "Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4747"], "modified": "2017-08-13T01:29:00", "id": "PRION:CVE-2016-4747", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4747", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:03", "description": "Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4702"], "modified": "2019-03-13T14:34:00", "id": "PRION:CVE-2016-4702", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4702", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:08", "description": "The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4746"], "modified": "2017-08-13T01:29:00", "id": "PRION:CVE-2016-4746", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4746", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:06", "description": "IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Null pointer dereference", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4724"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4724", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4724", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:06", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4728"], "modified": "2019-03-11T17:56:00", "id": "PRION:CVE-2016-4728", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4728", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:33:53", "description": "Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka \"Universal XSS (UXSS).\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Cross site scripting", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4618"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4618", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4618", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T03:34:03", "description": "CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Input validation", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4711"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4711", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4711", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:05", "description": "The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-18T22:59:00", "type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4719"], "modified": "2017-08-13T01:29:00", "id": "PRION:CVE-2016-4719", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4719", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:06", "description": "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4726"], "modified": "2019-03-09T00:45:00", "id": "PRION:CVE-2016-4726", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4726", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:12", "description": "WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4763"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4763", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4763", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-11-22T03:34:08", "description": "Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors.", "cvss3": {"exploitabilityScore": 1.4, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 2.9, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4740"], "modified": "2017-08-13T01:29:00", "id": "PRION:CVE-2016-4740", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4740", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:04", "description": "Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Buffer overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4718"], "modified": "2019-03-13T14:24:00", "id": "PRION:CVE-2016-4718", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4718", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:10", "description": "WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4758"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4758", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4758", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:09", "description": "S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4750"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4750", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4750", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:12", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Null pointer dereference", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4777"], "modified": "2019-03-13T15:11:00", "id": "PRION:CVE-2016-4777", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4777", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:04", "description": "CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Session fixation", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4707"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4707", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4707", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T03:34:08", "description": "WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4737"], "modified": "2019-03-12T19:30:00", "id": "PRION:CVE-2016-4737", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4737", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:07", "description": "libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2023-11-07T02:32:00", "id": "PRION:CVE-2016-4738", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4738", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:01", "description": "AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4698"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4698", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4698", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:10", "description": "WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud before 6.0 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4762", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4762", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:34:12", "description": "The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4771"], "modified": "2017-07-30T01:29:00", "id": "PRION:CVE-2016-4771", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4771", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:34:12", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4778"], "modified": "2019-03-13T13:57:00", "id": "PRION:CVE-2016-4778", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4778", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:34:10", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-25T11:00:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4772"], "modified": "2019-03-13T15:10:00", "id": "PRION:CVE-2016-4772", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4772", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T03:33:58", "description": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658"], "modified": "2019-03-13T14:05:00", "id": "PRION:CVE-2016-4658", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4658", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:33:53", "description": "The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4620"], "modified": "2017-08-13T01:29:00", "id": "PRION:CVE-2016-4620", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-4620", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2023-12-06T15:48:40", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on\nWindows, and Safari before 10 allows remote attackers to execute arbitrary\ncode or cause a denial of service (memory corruption) via a crafted web\nsite, a different vulnerability than CVE-2016-4759, CVE-2016-4765,\nCVE-2016-4766, and CVE-2016-4768.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4767", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4767", "href": "https://ubuntu.com/security/CVE-2016-4767", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:32", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on\nWindows, and Safari before 10 allows remote attackers to execute arbitrary\ncode or cause a denial of service (memory corruption) via a crafted web\nsite, a different vulnerability than CVE-2016-4759, CVE-2016-4765,\nCVE-2016-4767, and CVE-2016-4768.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4766", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4766", "href": "https://ubuntu.com/security/CVE-2016-4766", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:38", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on\nWindows, and Safari before 10 allows remote attackers to execute arbitrary\ncode or cause a denial of service (memory corruption) via a crafted web\nsite, a different vulnerability than CVE-2016-4759, CVE-2016-4765,\nCVE-2016-4766, and CVE-2016-4767.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4768", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4768", "href": "https://ubuntu.com/security/CVE-2016-4768", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:41", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on\nWindows, and Safari before 10 allows remote attackers to execute arbitrary\ncode or cause a denial of service (memory corruption) via a crafted web\nsite, a different vulnerability than CVE-2016-4765, CVE-2016-4766,\nCVE-2016-4767, and CVE-2016-4768.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4759", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4759", "href": "https://ubuntu.com/security/CVE-2016-4759", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:39", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on\nWindows, and Safari before 10 allows remote attackers to execute arbitrary\ncode or cause a denial of service (memory corruption) via a crafted web\nsite, a different vulnerability than CVE-2016-4759, CVE-2016-4766,\nCVE-2016-4767, and CVE-2016-4768.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4765", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4765", "href": "https://ubuntu.com/security/CVE-2016-4765", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:43", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption) via a crafted web site, a different vulnerability than\nCVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4734", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4734", "href": "https://ubuntu.com/security/CVE-2016-4734", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:42", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption) via a crafted web site, a different vulnerability than\nCVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4734.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4735", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4735", "href": "https://ubuntu.com/security/CVE-2016-4735", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:35", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption) via a crafted web site, a different vulnerability than\nCVE-2016-4611, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4730", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4730", "href": "https://ubuntu.com/security/CVE-2016-4730", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:36", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption) via a crafted web site, a different vulnerability than\nCVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4611", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4611", "href": "https://ubuntu.com/security/CVE-2016-4611", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:54", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption) via a crafted web site, a different vulnerability than\nCVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4733", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4733", "href": "https://ubuntu.com/security/CVE-2016-4733", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:34", "description": "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers\nto execute arbitrary code or cause a denial of service (memory corruption)\nvia a crafted web site, a different vulnerability than CVE-2016-4731.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4729", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4729", "CVE-2016-4731"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4729", "href": "https://ubuntu.com/security/CVE-2016-4729", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:34", "description": "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers\nto execute arbitrary code or cause a denial of service (memory corruption)\nvia a crafted web site, a different vulnerability than CVE-2016-4729.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4731", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4729", "CVE-2016-4731"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4731", "href": "https://ubuntu.com/security/CVE-2016-4731", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:41", "description": "libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and\nwatchOS before 3 allows remote attackers to execute arbitrary code or cause\na denial of service (memory corruption) via a crafted web site.\n\n#### Bugs\n\n * <https://bugs.chromium.org/p/chromium/issues/detail?id=619006>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | PoC in the chromium bug\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4738", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4738", "href": "https://ubuntu.com/security/CVE-2016-4738", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:32", "description": "WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on\nWindows, and Safari before 10 does not properly verify X.509 certificates\nfrom HTTPS servers, which allows man-in-the-middle attackers to spoof\nservers and obtain sensitive information via a crafted certificate.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4763", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4763"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4763", "href": "https://ubuntu.com/security/CVE-2016-4763", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T15:48:32", "description": "WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari\nbefore 10 does not properly restrict access to the location variable, which\nallows remote attackers to obtain sensitive information via a crafted web\nsite.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4758", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4758"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4758", "href": "https://ubuntu.com/security/CVE-2016-4758", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T15:48:44", "description": "CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local\nStorage deletion, which allows local users to discover the visited web\nsites of arbitrary users via unspecified vectors.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4707", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4707"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4707", "href": "https://ubuntu.com/security/CVE-2016-4707", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T15:48:43", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on\nWindows, and Safari before 10 mishandles error prototypes, which allows\nremote attackers to execute arbitrary code via a crafted web site.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4728", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4728"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4728", "href": "https://ubuntu.com/security/CVE-2016-4728", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:39", "description": "WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud\nbefore 6.0 on Windows, and Safari before 10 allows remote attackers to\nexecute arbitrary code or cause a denial of service (memory corruption) via\na crafted web site.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4762", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4762", "href": "https://ubuntu.com/security/CVE-2016-4762", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:48:33", "description": "WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and\nwatchOS before 3 allows remote attackers to execute arbitrary code or cause\na denial of service (memory corruption) via a crafted web site.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4737", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4737"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4737", "href": "https://ubuntu.com/security/CVE-2016-4737", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:48:41", "description": "WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari\nbefore 10 allows remote attackers to conduct DNS rebinding attacks against\nnon-HTTP Safari sessions by leveraging HTTP/0.9 support.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4760", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4760"], "modified": "2016-09-25T00:00:00", "id": "UB:CVE-2016-4760", "href": "https://ubuntu.com/security/CVE-2016-4760", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2023-12-08T14:42:55", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4768", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T18:29:00", "cpe": [], "id": "CVE-2016-4768", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4768", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:52", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4765", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T18:26:00", "cpe": [], "id": "CVE-2016-4765", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4765", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:52", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4767", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-13T14:10:00", "cpe": [], "id": "CVE-2016-4767", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4767", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:52", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4759", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T18:28:00", "cpe": [], "id": "CVE-2016-4759", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4759", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:56", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4766", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4759", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768"], "modified": "2019-03-11T17:38:00", "cpe": [], "id": "CVE-2016-4766", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4766", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:43", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4735", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-13T13:31:00", "cpe": [], "id": "CVE-2016-4735", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4735", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:06", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4611", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-13T13:27:00", "cpe": [], "id": "CVE-2016-4611", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4611", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:46", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4734", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-12T19:30:00", "cpe": [], "id": "CVE-2016-4734", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4734", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:40", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4730", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-11T18:17:00", "cpe": ["cpe:/o:apple:tvos:10.0"], "id": "CVE-2016-4730", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4730", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:apple:tvos:10.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-08T14:42:45", "description": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4733", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4730", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735"], "modified": "2019-03-13T13:40:00", "cpe": [], "id": "CVE-2016-4733", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4733", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:55", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4776", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4776"], "modified": "2019-03-13T15:05:00", "cpe": [], "id": "CVE-2016-4776", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4776", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:57", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4773", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4776"], "modified": "2019-03-13T14:00:00", "cpe": [], "id": "CVE-2016-4773", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4773", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:57", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4774", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4773", "CVE-2016-4774", "CVE-2016-4776"], "modified": "2019-03-13T14:58:00", "cpe": [], "id": "CVE-2016-4774", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4774", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-12-08T14:42:42", "description": "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4729.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4731", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4729", "CVE-2016-4731"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5", "cpe:/a:apple:safari:9.1.3"], "id": "CVE-2016-4731", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4731", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:apple:safari:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-08T14:42:40", "description": "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4731.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4729", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4729", "CVE-2016-4731"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5", "cpe:/a:apple:safari:9.1.3"], "id": "CVE-2016-4729", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4729", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:apple:safari:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:59:27", "description": "An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the \"Springboard\" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-20T08:59:00", "type": "cve", "title": "CVE-2016-7759", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7759"], "modified": "2017-02-22T15:11:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-7759", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7759", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:00", "description": "CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4712", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4712"], "modified": "2019-03-13T13:39:00", "cpe": [], "id": "CVE-2016-4712", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4712", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:01", "description": "The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-18T22:59:00", "type": "cve", "title": "CVE-2016-4719", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4719"], "modified": "2017-08-13T01:29:00", "cpe": ["cpe:/o:apple:watchos:2.2", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4719", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4719", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:watchos:2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:05", "description": "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4725", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4725"], "modified": "2019-03-13T15:06:00", "cpe": [], "id": "CVE-2016-4725", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4725", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:12", "description": "The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "cve", "title": "CVE-2016-4746", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4746"], "modified": "2017-08-13T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4746", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4746", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:10", "description": "Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors.", "cvss3": {"exploitabilityScore": 1.4, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 2.9, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "cve", "title": "CVE-2016-4740", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4740"], "modified": "2017-08-13T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4740", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4740", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:05", "description": "IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4724", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4724"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.6", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4724", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4724", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:10", "description": "The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-18T22:59:00", "type": "cve", "title": "CVE-2016-4741", "cwe": ["CWE-254"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4741"], "modified": "2017-08-13T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4741", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4741", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:15", "description": "S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4750", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4750"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.6", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4750", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4750", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:59", "description": "CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4711", "cwe": ["CWE-200", "CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4711"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.6", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4711", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4711", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:16", "description": "Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4753", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4753"], "modified": "2019-03-13T14:14:00", "cpe": [], "id": "CVE-2016-4753", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4753", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:19", "description": "WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4763", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4763"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/a:apple:itunes:12.4.3", "cpe:/a:apple:safari:9.1.3", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4763", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4763", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apple:itunes:12.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:9.1.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:56", "description": "CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4708", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4708"], "modified": "2019-03-13T14:31:00", "cpe": [], "id": "CVE-2016-4708", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4708", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:13", "description": "Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "cve", "title": "CVE-2016-4747", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4747"], "modified": "2017-08-13T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4747", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4747", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:05", "description": "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4726", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4726"], "modified": "2019-03-09T00:45:00", "cpe": [], "id": "CVE-2016-4726", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4726", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:06", "description": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4728", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4728"], "modified": "2019-03-11T17:56:00", "cpe": [], "id": "CVE-2016-4728", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4728", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:01", "description": "The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4722", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4722"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.6", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4722", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4722", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:18", "description": "WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4758", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4758"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/a:apple:itunes:12.4.3", "cpe:/a:apple:safari:9.1.3", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4758", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4758", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:apple:itunes:12.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:9.1.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:58", "description": "Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4702", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4702"], "modified": "2019-03-13T14:34:00", "cpe": [], "id": "CVE-2016-4702", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4702", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:09", "description": "libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4738", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2023-11-07T02:32:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2016-4738", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4738", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:58", "description": "CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4707", "cwe": ["CWE-19", "CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4707"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.6", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4707", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4707", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:32", "description": "Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka \"Universal XSS (UXSS).\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4618", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4618"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/a:apple:safari:9.1.3", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4618", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4618", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:9.1.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:18", "description": "WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud before 6.0 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4762", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4762"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/a:apple:itunes:12.4.3", "cpe:/a:apple:icloud:5.2.1", "cpe:/a:apple:safari:9.1.3", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4762", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4762", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apple:itunes:12.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:icloud:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:9.1.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:22", "description": "WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4737", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4737"], "modified": "2019-03-12T19:30:00", "cpe": ["cpe:/o:apple:tvos:10.0"], "id": "CVE-2016-4737", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4737", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:apple:tvos:10.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:02", "description": "Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4718", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4718"], "modified": "2019-03-13T14:24:00", "cpe": [], "id": "CVE-2016-4718", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4718", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:27", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4778", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4778"], "modified": "2019-03-13T13:57:00", "cpe": [], "id": "CVE-2016-4778", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4778", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:24", "description": "The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4771", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4771"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.6", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4771", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4771", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:57", "description": "AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "cve", "title": "CVE-2016-4698", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4698"], "modified": "2017-07-30T01:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.11.6", "cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4698", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4698", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:23", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4772", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4772"], "modified": "2019-03-13T15:10:00", "cpe": [], "id": "CVE-2016-4772", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4772", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-12-06T14:41:25", "description": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T11:00:00", "type": "cve", "title": "CVE-2016-4777", "cwe": ["CWE-476", "CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4777"], "modified": "2019-03-13T15:11:00", "cpe": [], "id": "CVE-2016-4777", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4777", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-06T14:40:33", "description": "The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "cve", "title": "CVE-2016-4620", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4620"], "modified": "2017-08-13T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4620", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4620", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:41:20", "description": "Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-18T22:59:00", "type": "cve", "title": "CVE-2016-4749", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4749"], "modified": "2017-08-13T01:29:00", "cpe": ["cpe:/o:apple:iphone_os:9.3.5"], "id": "CVE-2016-4749", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4749", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2023-12-09T02:30:28", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * webkit2gtk \\- JavaScript engine library from WebKitGTK+ - GObject introspection\n\nA large number of security issues were discovered in the WebKitGTK+ Web and \nJavaScript engines. If a user were tricked into viewing a malicious \nwebsite, a remote attacker could exploit a variety of issues related to web \nbrowser security, including cross-site scripting attacks, denial of service \nattacks, and arbitrary code execution.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2017-01-10T00:00:00", "type": "ubuntu", "title": "WebKitGTK+ vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4613", "CVE-2016-4657", "CVE-2016-4666", "CVE-2016-4707", "CVE-2016-4728", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4761", "CVE-2016-4762", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769", "CVE-2016-7578"], "modified": "2017-01-10T00:00:00", "id": "USN-3166-1", "href": "https://ubuntu.com/security/notices/USN-3166-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T16:14:55", "description": "## Releases\n\n * Ubuntu 16.10 \n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * libxml2 \\- GNOME XML library\n\nIt was discovered that libxml2 incorrectly handled format strings. If a \nuser or automated system were tricked into opening a specially crafted \ndocument, an attacker could possibly cause libxml2 to crash, resulting in a \ndenial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 \nLTS, and Ubuntu 16.04 LTS. (CVE-2016-4448)\n\nIt was discovered that libxml2 incorrectly handled certain malformed \ndocuments. If a user or automated system were tricked into opening a \nspecially crafted document, an attacker could cause libxml2 to crash, \nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2016-4658)\n\nNick Wellnhofer discovered that libxml2 incorrectly handled certain \nmalformed documents. If a user or automated system were tricked into \nopening a specially crafted document, an attacker could cause libxml2 to \ncrash, resulting in a denial of service, or possibly execute arbitrary \ncode. (CVE-2016-5131)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-16T00:00:00", "type": "ubuntu", "title": "libxml2 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4448", "CVE-2016-4658", "CVE-2016-5131"], "modified": "2017-03-16T00:00:00", "id": "USN-3235-1", "href": "https://ubuntu.com/security/notices/USN-3235-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2021-10-21T22:10:04", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3744-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 23, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxml2\nCVE ID : CVE-2016-4658 CVE-2016-5131\nDebian Bug : 840553 840554\n\nSeveral vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause a denial-of-service against\nthe application, or potentially, the execution of arbitrary code with\nthe privileges of the user running the application.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u4.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.4+dfsg1-2.1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.4+dfsg1-2.1.\n\nWe recommend that you upgrade your libxml2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-12-23T18:31:42", "type": "debian", "title": "[SECURITY] [DSA 3744-1] libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131"], "modified": "2016-12-23T18:31:42", "id": "DEBIAN:DSA-3744-1:AE7DC", "href": "https://lists.debian.org/debian-security-announce/2016/msg00328.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:08:02", "description": "Package : libxml2\nVersion : 2.8.0+dfsg1-7+wheezy7\nCVE ID : CVE-2016-4658 CVE-2016-5131\n\nCVE-2016-4658\n Namespace nodes must be copied to avoid use-after-free errors.\n But they don't necessarily have a physical representation in a\n document, so simply disallow them in XPointer ranges.\n\nCVE-2016-5131\n The old code would invoke the broken xmlXPtrRangeToFunction.\n range-to isn't really a function but a special kind of\n location step. Remove this function and always handle range-to\n in the XPath code.\n The old xmlXPtrRangeToFunction could also be abused to trigger\n a use-after-free error with the potential for remote code\n execution.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n2.8.0+dfsg1-7+wheezy7.\n\nWe recommend that you upgrade your libxml2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-31T17:09:55", "type": "debian", "title": "[SECURITY] [DLA 691-1] libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131"], "modified": "2016-10-31T17:09:55", "id": "DEBIAN:DLA-691-1:EF9E0", "href": "https://lists.debian.org/debian-lts-announce/2016/10/msg00048.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T11:33:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3744-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 23, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxml2\nCVE ID : CVE-2016-4658 CVE-2016-5131\nDebian Bug : 840553 840554\n\nSeveral vulnerabilities were discovered in libxml2, a library providing\nsupport to read, modify and write XML and HTML files. A remote attacker\ncould provide a specially crafted XML or HTML file that, when processed\nby an application using libxml2, would cause a denial-of-service against\nthe application, or potentially, the execution of arbitrary code with\nthe privileges of the user running the application.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.9.1+dfsg1-5+deb8u4.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 2.9.4+dfsg1-2.1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.9.4+dfsg1-2.1.\n\nWe recommend that you upgrade your libxml2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-23T18:31:42", "type": "debian", "title": "[SECURITY] [DSA 3744-1] libxml2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131"], "modified": "2016-12-23T18:31:42", "id": "DEBIAN:DSA-3744-1:D44DC", "href": "https://lists.debian.org/debian-security-announce/2016/msg00328.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T11:34:58", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3709-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nNovember 08, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxslt\nCVE ID : CVE-2016-4738\nDebian Bug : 842570\n\nNick Wellnhofer discovered that the xsltFormatNumberConversion function\nin libxslt, an XSLT processing runtime library, does not properly check\nfor a zero byte terminating the pattern string. This flaw can be\nexploited to leak a couple of bytes after the buffer that holds the\npattern string.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.1.28-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1.1.29-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.29-2.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-08T21:41:31", "type": "debian", "title": "[SECURITY] [DSA 3709-1] libxslt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2016-11-08T21:41:31", "id": "DEBIAN:DSA-3709-1:FEEAC", "href": "https://lists.debian.org/debian-security-announce/2016/msg00292.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T22:16:47", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3709-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nNovember 08, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxslt\nCVE ID : CVE-2016-4738\nDebian Bug : 842570\n\nNick Wellnhofer discovered that the xsltFormatNumberConversion function\nin libxslt, an XSLT processing runtime library, does not properly check\nfor a zero byte terminating the pattern string. This flaw can be\nexploited to leak a couple of bytes after the buffer that holds the\npattern string.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.1.28-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1.1.29-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.29-2.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-08T21:41:31", "type": "debian", "title": "[SECURITY] [DSA 3709-1] libxslt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2016-11-08T21:41:31", "id": "DEBIAN:DSA-3709-1:8E6EB", "href": "https://lists.debian.org/debian-security-announce/2016/msg00292.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-23T21:47:03", "description": "Package : libxslt\nVersion : 1.1.26-14.1+deb7u2\nCVE ID : CVE-2016-4738\nDebian Bug : 842570\n\nA heap overread bug was found in libxslt, which can cause arbitrary\ncode execution or denial of service.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.1.26-14.1+deb7u2.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-05T13:34:15", "type": "debian", "title": "[SECURITY] [DLA 700-1] libxslt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2016-11-05T13:34:15", "id": "DEBIAN:DLA-700-1:181E4", "href": "https://lists.debian.org/debian-lts-announce/2016/11/msg00008.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:07:42", "description": "Package : libxslt\nVersion : 1.1.26-14.1+deb7u2\nCVE ID : CVE-2016-4738\nDebian Bug : 842570\n\nA heap overread bug was found in libxslt, which can cause arbitrary\ncode execution or denial of service.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.1.26-14.1+deb7u2.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-05T13:34:15", "type": "debian", "title": "[SECURITY] [DLA 700-1] libxslt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2016-11-05T13:34:15", "id": "DEBIAN:DLA-700-1:98A8E", "href": "https://lists.debian.org/debian-lts-announce/2016/11/msg00008.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2023-12-06T15:37:42", "description": "Arch Linux Security Advisory ASA-201611-2\n=========================================\n\nSeverity: Critical\nDate : 2016-11-01\nCVE-ID : CVE-2016-4658 CVE-2016-5131\nPackage : libxml2\nType : arbitrary code execution\nRemote : Yes\nLink : https://wiki.archlinux.org/index.php/CVE\n\nSummary\n=======\n\nThe package libxml2 before version 2.9.4+12+ge905f08-1 is vulnerable to\narbitrary code execution.\n\nResolution\n==========\n\nUpgrade to 2.9.4+12+ge905f08-1.\n\n# pacman -Syu \"libxml2>=2.9.4+12+ge905f08-1\"\n\nThe problems have been fixed upstream but no release is available yet.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2016-4658 (arbitrary code execution)\n\nA use-after-free vulnerability via namespace nodes in XPointer ranges\nwas found in libxml2.\n\n- CVE-2016-5131 (arbitrary code execution)\n\nBugs in xmlXPathEvalExpr and xmlXPtrRangeToFunction can lead to a use-\nafter-free and allow control of the instruction pointer.\n\nImpact\n======\n\nA remote attacker is able to use a specially crafted XPath payload to\nexecute arbitrary code.\n\nReferences\n==========\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1384424\nhttps://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b\nhttps://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=623378\nhttps://access.redhat.com/security/cve/CVE-2016-4658\nhttps://access.redhat.com/security/cve/CVE-2016-5131", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-01T00:00:00", "type": "archlinux", "title": "[ASA-201611-2] libxml2: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131"], "modified": "2016-11-01T00:00:00", "id": "ASA-201611-2", "href": "https://security.archlinux.org/ASA-201611-2", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "veracode": [{"lastseen": "2023-04-18T16:13:02", "description": "nokogiri has a copied version of the libxml2 library. The copy that nokogiri includes is vulnerable to the following issues: 1\\. CVE-2016-4658 - Use after free vulnerability via the namespace nodes in XPointer 2\\. CVE-2016-5131 - Use-after-free vulnerability via the XPointer range-to function.\n", "cvss3": {}, "published": "2017-03-23T01:10:27", "type": "veracode", "title": "Copy-Paste Vulnerability (CPV) Through Libxml2", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2016-4658", "CVE-2016-5131"], "modified": "2018-08-01T04:01:15", "id": "VERACODE:3746", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3746/summary", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2022-07-21T08:12:48", "description": "\n* [CVE-2016-4658](https://security-tracker.debian.org/tracker/CVE-2016-4658)\nNamespace nodes must be copied to avoid use-after-free errors.\n But they don't necessarily have a physical representation in a\n document, so simply disallow them in XPointer ranges.\n* [CVE-2016-5131](https://security-tracker.debian.org/tracker/CVE-2016-5131)\nThe old code would invoke the broken xmlXPtrRangeToFunction.\n range-to isn't really a function but a special kind of\n location step. Remove this function and always handle range-to\n in the XPath code.\n The old xmlXPtrRangeToFunction could also be abused to trigger\n a use-after-free error with the potential for remote code\n execution.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n2.8.0+dfsg1-7+wheezy7.\n\n\nWe recommend that you upgrade your libxml2 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-31T00:00:00", "type": "osv", "title": "libxml2 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5131", "CVE-2016-4658"], "modified": "2022-07-21T05:54:43", "id": "OSV:DLA-691-1", "href": "https://osv.dev/vulnerability/DLA-691-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-21T08:12:45", "description": "\nA heap overread bug was found in libxslt, which can cause arbitrary\ncode execution or denial of service.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n1.1.26-14.1+deb7u2.\n\n\nWe recommend that you upgrade your libxslt packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-05T00:00:00", "type": "osv", "title": "libxslt - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2022-07-21T05:54:43", "id": "OSV:DLA-700-1", "href": "https://osv.dev/vulnerability/DLA-700-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-04-11T01:25:48", "description": "xpointer.c in libxml2 before 2.9.5 (as used in nokogiri before 1.7.1 amongst other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-21T19:03:26", "type": "osv", "title": "Nokogiri does not forbid namespace nodes in XPointer ranges", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658"], "modified": "2023-04-11T01:25:44", "id": "OSV:GHSA-FR52-4HQW-P27F", "href": "https://osv.dev/vulnerability/GHSA-fr52-4hqw-p27f", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "rubygems": [{"lastseen": "2023-12-02T20:45:58", "description": "Nokogiri version 1.7.1 has been released, pulling in several upstream\npatches to the vendored libxml2 to address the following CVEs:\n\nCVE-2016-4658\nCVSS v3 Base Score: 9.8 (Critical)\nlibxml2 in Apple iOS before 10, OS X before 10.12, tvOS before 10, and\nwatchOS before 3 allows remote attackers to execute arbitrary code or cause\na denial of service (memory corruption) via a crafted XML document.\n\nCVE-2016-5131\nCVSS v3 Base Score: 8.8 (HIGH)\nUse-after-free vulnerability in libxml2 through 2.9.4, as used in Google\nChrome before 52.0.2743.82, allows remote attackers to cause a denial of\nservice or possibly have unspecified other impact via vectors related to\nthe XPointer range-to function.\n", "cvss3": {}, "published": "2017-03-10T21:00:00", "type": "rubygems", "title": "Nokogiri gem contains several vulnerabilities in libxml2 and libxslt", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2016-4658", "CVE-2016-4658", "CVE-2016-5131"], "modified": "2017-03-10T21:00:00", "id": "RUBY:NOKOGIRI-2016-4658", "href": "https://rubysec.com/advisories/2016-4658/", "cvss": {"score": 0.0, "vector": "NONE"}}], "cloudfoundry": [{"lastseen": "2023-12-06T16:48:45", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nIt was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. ([CVE-2016-4448](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-4448>))\n\nIt was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-4658](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-4658>))\n\nNick Wellnhofer discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5131](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5131>))\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including: \n * 3151.x versions prior to 3151.14\n * 3233.x versions prior to 3233.16\n * 3263.x versions prior to 3263.22\n * 3312.x versions prior to 3312.22\n * 3363.x versions prior to 3363.14\n * All other stemcells not listed.\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.108.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH stemcells: \n * Upgrade 3151.x versions to 3151.14 or later\n * Upgrade 3233.x versions to 3233.16 or later\n * Upgrade 3263.x versions to 3263.22 or later\n * Upgrade 3312.x versions to 3312.22 or later\n * Upgrade 3363.x versions to 3363.14 or later\n * All other stemcells should be upgraded to the latest version.\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 versions 1.108.0 or later.\n\n# References\n\n * [USN-3235-1](<http://www.ubuntu.com/usn/usn-3235-1/>)\n * [CVE-2016-4448](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-4448>)\n * [CVE-2016-4658](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-4658>)\n * [CVE-2016-5131](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5131>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-31T00:00:00", "type": "cloudfoundry", "title": "USN-3235-1: libxml2 vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4448", "CVE-2016-4658", "CVE-2016-5131"], "modified": "2017-03-31T00:00:00", "id": "CFOUNDRY:7021C5270A461D6FC34DE4CA651C34EE", "href": "https://www.cloudfoundry.org/blog/usn-3235-1/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T22:54:43", "description": "With the release of macOS Sierra 10.12 Tuesday, Apple snuffed out dozens of lingering security vulnerabilities in OS X El Capitan and Yosemite. Along with updates to its OS, Apple addressed security bugs in its Safari web browser and macOS Server in separate security bulletins, also released Tuesday.\n\nSixty-eight security issues were tackled with the release of macOS Sierra 10.12. Bugs ranged from a critical audio vulnerability (CVE-2016-4702) that allowed a remote attacker to execute arbitrary code, to a kernel flaw (CVE-2016-4778) that allowed applications to execute arbitrary code giving an attacker kernel privileges.\n\nMore than 16 security patches addressed issues related to El Capitan\u2019s implementation of Apache and its \u201capache_mod_php\u201d module used for interpreting PHP code. The most significant of the \u201capache_mod_php\u201d security issues could lead to unexpected application termination or arbitrary code execution, according to [the Apple advisory](<https://support.apple.com/en-us/HT207170>).\n\nRoughly 19 of the OS X patches address vulnerabilities that could ultimately lead to code execution. Five code-execution issues, Apple said, could trigger a denial of service and 12 related security issues were fixed that permitted an application to execute arbitrary code, also with kernel privileges.\n\nOne Bluetooth vulnerability (CVE-2016-4703) allowed an attacker to use an application to execute arbitrary code with kernel privileges. The flaw was tied to a memory corruption issue that Apple says was addressed through improved input validation.\n\nAlso on Tuesday, Apple separately shipped Safari 10 as an upgrade for those running Yosemite or El Capitan. The release addressed [21 security issues](<https://support.apple.com/en-us/HT207157>) lingering in previous versions of Safari.\n\nA swath of memory corruption bugs tied to Safari WebKit were patched, and each allowed an attacker to use maliciously crafted web content to trigger arbitrary code execution. Five other WebKit vulnerabilities were patched and tied to certificate validation and parsing issues.\n\nAlso fixed with the release of Safari 10 is a Safari Tabs vulnerability (CVE-2016-4751) that could allow an attacker to spoof the browser\u2019s address bar just by a user visiting a malicious website. Another bug was fixed in Safari Reader (CVE-2016-4618) that allowed a maliciously crafted webpage to lead to a universal cross site scripting vulnerability.\n\nApple\u2019s macOS Server also received security updates [with the release of Server 5.2](<https://support.apple.com/en-us/HT207171>). The update included only two fixes. One (CVE-2016-4694) that allowed a remote attacker to proxy traffic through an arbitrary server. The second (CVE-2016-4754) made it easy for an attacker to exploit weaknesses in the RC4 cryptographic algorithm.\n", "cvss3": {}, "published": "2016-09-20T17:14:52", "type": "threatpost", "title": "Apple Squashes 68 Security Bugs With Sierra Release", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2016-4618", "CVE-2016-4694", "CVE-2016-4702", "CVE-2016-4703", "CVE-2016-4751", "CVE-2016-4754", "CVE-2016-4778"], "modified": "2016-09-20T21:14:52", "id": "THREATPOST:84BEB71356589C603FD187DD0D85903E", "href": "https://threatpost.com/apple-squashes-68-security-bugs-with-sierra-release/120738/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mageia": [{"lastseen": "2023-12-08T20:54:10", "description": "The webkit2 package has been updated to version 2.14.5, fixing several security issues and other bugs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2017-03-02T18:11:17", "type": "mageia", "title": "Updated webkit2 packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4611", "CVE-2016-4613", "CVE-2016-4657", "CVE-2016-4666", "CVE-2016-4692", "CVE-2016-4707", "CVE-2016-4728", "CVE-2016-4729", "CVE-2016-4730", "CVE-2016-4731", "CVE-2016-4733", "CVE-2016-4734", "CVE-2016-4735", "CVE-2016-4743", "CVE-2016-4758", "CVE-2016-4759", "CVE-2016-4760", "CVE-2016-4761", "CVE-2016-4762", "CVE-2016-4764", "CVE-2016-4765", "CVE-2016-4766", "CVE-2016-4767", "CVE-2016-4768", "CVE-2016-4769", "CVE-2016-7578", "CVE-2016-7586", "CVE-2016-7587", "CVE-2016-7589", "CVE-2016-7592", "CVE-2016-7598", "CVE-2016-7599", "CVE-2016-7610", "CVE-2016-7611", "CVE-2016-7623", "CVE-2016-7632", "CVE-2016-7635", "CVE-2016-7639", "CVE-2016-7640", "CVE-2016-7641", "CVE-2016-7642", "CVE-2016-7645", "CVE-2016-7646", "CVE-2016-7648", "CVE-2016-7649", "CVE-2016-7652", "CVE-2016-7654", "CVE-2016-7656", "CVE-2017-2350", "CVE-2017-2354", "CVE-2017-2355", "CVE-2017-2356", "CVE-2017-2362", "CVE-2017-2363", "CVE-2017-2364", "CVE-2017-2365", "CVE-2017-2366", "CVE-2017-2369", "CVE-2017-2371", "CVE-2017-2373"], "modified": "2017-03-02T18:11:17", "id": "MGASA-2017-0069", "href": "https://advisories.mageia.org/MGASA-2017-0069.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T16:56:00", "description": "A heap overread bug was found in libxslt, which can cause arbitrary code execution or denial of service (CVE-2016-4738). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-22T01:18:01", "type": "mageia", "title": "Updated libxslt packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2016-11-22T01:18:01", "id": "MGASA-2016-0394", "href": "https://advisories.mageia.org/MGASA-2016-0394.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhatcve": [{"lastseen": "2021-09-02T22:52:59", "description": "libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-26T08:17:25", "type": "redhatcve", "title": "CVE-2016-4738", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2020-08-18T14:02:28", "id": "RH:CVE-2016-4738", "href": "https://access.redhat.com/security/cve/cve-2016-4738", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T12:03:34", "description": "This article translated from:\n\n * http://mksben.l0.cm/2016/09/safari-uxss-showModalDialog.html \uff08English version\uff09\n * http://masatokinugawa.l0.cm/2016/09/safari-uxss-showModalDialog.html \uff08Japanese version\uff09\n\nAuthor\uff1a**Masato Kinugawa**\n\nTranslator: **Holic (know Chong Yu 404 security lab)**\n\nTranslator's note: as the translation date, the Japanese version and updated some content, this article is based on the English version of the original translation, part of the increase in the content of the turn from the Japanese original Edition.\n\nThe present article share the Safari UXSS Vulnerability, CVE-2016-4758 about the details of the vulnerability in Safari 10 to be repaired.\n\nOfficial link: https://support.apple.com/en-us/HT207157\n\n> WebKit Available for: OS X Yosemite v10. 10. 5, OS X Yosemite v10. 11. 6, and macOS Sierra 10.12 Impact: Visiting a maliciously crafted website may leak sensitive data Description: A permissions issue existed in the handling of the location variable. This was addressed though the additional ownership checks. CVE-2016-4758: Masato Kinugawa of Cure53\n\nVulnerability conditions for reference, the mobile version of Safari is not affected by the vulnerabilities, because there is no `showModalDialog `method. IE showModalDialog possible to use the XSS protection mechanism, related to the content you can refer to the following link: http://masatokinugawa.l0.cm/2015/06/xss6.html\n\nOriginal author's note:\n\n> By the way,on finishing a blog surrounding the behavior, noticed a more serious problem, the following started to write is this\u201dserious problem\u201c\n\n### The exploit conditions\n\nIn exploit this vulnerability prior to attack, there are two prerequisites: 1\\. The target page using the JavaScript Guide to the relative URL. Such as `location=\"/\"`, `window. open(\"/\",\"_blank\", a`) 2\\. Jump on page load after\n\nThe original author set up a test page: https://vulnerabledoma.in/safari_uxss_showModalDialog/target.html\n\n`javascript the <script> function go_top(){ location=\"/index.html\"; } </script> <button onclick=go_top()>Top Page</button>` This page is for the user to click on\"Top Page\"of the time jump to https://vulnerabledoma.in/index.html the. I think pages like this are everywhere, and in this case we can use this BUG to expand the XSS attack.\n\n### Vulnerability details\n\nNow use `the showModalDialog `method. The following page in the modal dialog\uff08mode window opens.\n\nhttps://l0.cm/safari_uxss_showModalDialog/example.html\n\n`javascript the <script> function go(){ showModalDialog(\"https://vulnerabledoma.in/safari_uxss_showModalDialog/target.html\"); } </script> <button onclick=go()>go</button>` Click on the\u201dTop Page\u201cbutton after the modal dialog what happens? Needless to say, will visit https://vulnerabledoma.in/index.html the.\n\nHowever in Safari but not the same. Safari unexpectedly jump to the https://l0.cm/index.html page to go to. Obviously Safari to be confused with the parent window and the modal window base address.\n\nIn this case, the relative URL contains the private information case, you can use independent pages to obtain private information. `javascript the <script> function navigation(){ location=\"/test? token=abb29ad9adda09\";//get the private information } </script> <button onclick=navigation()>Click</button>` This is very dangerous behavior, there may also be further carried out XSS attacks.\n\n\uff08Side note: this behavior only exists in the JavaScript navigation API, such as`<a>`tag and `xhr. open(\"GET\",[URL]) ` use the correct URL.\uff09\n\n### Extended XSS attacks\n\nAccording to [html5sec. org#42](<https://html5sec.org/#42>), Safari allows `javascript: ` URL set to the base tag. Therefore, if the `javascript `tag is set to the parent page's base tag, it will lead to XSS vulnerabilities.\n\nMy conjecture was confirmed. The following is the final PoC of:\n\nhttps://l0.cm/safari_uxss_showModalDialog/ `javascript <! DOCTYPE html> the <html> the <head> <base href=\"javascript://%0Aalert%28document. domain%29%2F/\"> </head> the <body> the <script> function go(){ showModalDialog(\"http://vulnerabledoma.in/safari_uxss_showModalDialog/target.html\"); } </script> <button onclick=go()>go</button> </body> </html>` The normal case, click\"Top Page\"button, you will see the alert session window as follows:\n\n\n\nYay!\n\n### Summary\n\nThe original authors 2015 June 15 report of this vulnerability, before this bug has been in WebKit in there for over a year.\n", "cvss3": {}, "published": "2016-09-27T00:00:00", "type": "seebug", "title": "Safari the showModalDialog method UXSS vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2016-4758"], "modified": "2016-09-27T00:00:00", "id": "SSV:92439", "href": "https://www.seebug.org/vuldb/ssvid-92439", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "debiancve": [{"lastseen": "2023-12-06T18:24:13", "description": "libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "debiancve", "title": "CVE-2016-4738", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4738"], "modified": "2016-09-25T10:59:00", "id": "DEBIANCVE:CVE-2016-4738", "href": "https://security-tracker.debian.org/tracker/CVE-2016-4738", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:24:12", "description": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-09-25T10:59:00", "type": "debiancve", "title": "CVE-2016-4658", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658"], "modified": "2016-09-25T10:59:00", "id": "DEBIANCVE:CVE-2016-4658", "href": "https://security-tracker.debian.org/tracker/CVE-2016-4658", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "zdi": [{"lastseen": "2023-12-08T21:06:35", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of HTMLVideoElement objects. By manipulating a document's elements an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-09-27T00:00:00", "type": "zdi", "title": "Apple Safari HTMLVideoElement Use-After-Free Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4768"], "modified": "2016-09-27T00:00:00", "id": "ZDI-16-527", "href": "https://www.zerodayinitiative.com/advisories/ZDI-16-527/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2023-12-06T19:02:01", "description": "## Summary\n\nIBM QRadar Network Security is affected by a vulnerability in the libxml2 library that may allow arbitrary code execution. IBM QRadar Network Security has addressed this issue with a firmware update.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2016-4658](<https://vulners.com/cve/CVE-2016-4658>) \n** DESCRIPTION: **The libxml2 library, as used in multiple products, could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. An attacker could exploit this vulnerability using a specially crafted XML document to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/117175](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117175>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM QRadar Network Security 5.4.0\n\nIBM QRadar Network Security 5.5.0\n\n \n\n\n## Remediation/Fixes\n\nIBM recommends customers update their systems promptly. \n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \n \nIBM QRadar Network Security\n\n| \n\n5.4.0\n\n| \n\nInstall Firmware 5.4.0.15 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \nOr \nDownload Firmware 5.4.0.15 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \n \nIBM QRadar Network Security\n\n| \n\n5.5.0\n\n| \n\nInstall Firmware 5.5.0.10 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \nOr \nDownload Firmware 5.5.0.10 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-31T03:36:56", "type": "ibm", "title": "Security Bulletin: IBM QRadar Network Security is affected by an arbitrary code execution vulnerability (CVE-2016-4658)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658"], "modified": "2022-03-31T03:36:56", "id": "938A2435D51685065A4FCD1E8643575561B07A46318CFDB90554FC541A3EA3C4", "href": "https://www.ibm.com/support/pages/node/6568207", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:34:45", "description": "## Summary\n\nThe libxml2 library is not used directly by IBM App Connect Enterprise Certified Container but is included in the operating system packages in the operator and operand images. IBM App Connect Enterprise Certified Container operator and operand images may be vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability [CVE-2016-4658] in libxml2.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2016-4658](<https://vulners.com/cve/CVE-2016-4658>) \n** DESCRIPTION: **The libxml2 library, as used i