Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2016-4607
HistoryJul 22, 2016 - 12:00 a.m.

CVE-2016-4607

2016-07-2200:00:00
ubuntu.com
ubuntu.com
10

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.047 Low

EPSS

Percentile

92.5%

JSON

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before
12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and
watchOS before 2.2.2 allows remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact via unknown
vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609,
CVE-2016-4610, and CVE-2016-4612.

Notes

Author Note
mdeslaur per Nick Wellnhofer, possibly one of these commits: https://git.gnome.org/browse/libxslt/commit/?id=ef7429bb4f1433726cc8fc4fe3d134d8a439fab1 https://git.gnome.org/browse/libxslt/commit/?id=93bb314768aafaffad1df15bbee10b7c5423e283 https://git.gnome.org/browse/libxslt/commit/?id=8b90c9a699e0eaa98bbeec63a473ddc73aaa238c https://git.gnome.org/browse/libxslt/commit/?id=87c3d9ea214fc0503fd8130b6dd97431d69cc066
sbeattie given the above, these were fixed in the upstream 1.1.29 release incorporated patches into USN 3271-1
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlibxslt< 1.1.26-8ubuntu1.4UNKNOWN
ubuntu14.04noarchlibxslt< 1.1.28-2ubuntu0.1UNKNOWN
ubuntu16.04noarchlibxslt< 1.1.28-2.1ubuntu0.1UNKNOWN

Related

prion 5
cve 5
ubuntucve 3
debiancve 3
redhatcve 4
nessus 11
openvas 7
rosalinux 1
fedora 1
osv 1
debian 1
apple 12
tenable 1
prion
prion
Memory corruption
2016-07-22 02:59:00
Memory corruption
2016-07-22 02:59:00
Memory corruption
2016-07-22 02:59:00
cve
cve
CVE-2016-4609
2016-07-22 02:59:00
CVE-2016-4607
2016-07-22 02:59:00
CVE-2016-4610
2016-07-22 02:59:00
ubuntucve
ubuntucve
CVE-2016-4608
2016-07-22 00:00:00
CVE-2016-4609
2016-07-22 00:00:00
CVE-2016-4610
2016-07-22 00:00:00
debiancve
debiancve
CVE-2016-4608
2016-07-22 02:59:00
CVE-2016-4609
2016-07-22 02:59:00
CVE-2016-4610
2016-07-22 02:59:00
redhatcve
redhatcve
CVE-2016-4608
2019-05-29 10:52:20
CVE-2016-4610
2019-05-29 10:51:20
CVE-2016-4607
2019-05-29 10:50:38
nessus
nessus
EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2627)
2019-12-18 00:00:00
EulerOS 2.0 SP2 : libxslt (EulerOS-SA-2019-2519)
2019-12-04 00:00:00
Fedora 30 : mingw-libxslt (2019-320d5295fc)
2019-06-19 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2627)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2519)
2020-01-23 00:00:00
Fedora Update for mingw-libxslt FEDORA-2019-320d5295fc
2019-06-19 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1906
2021-07-02 17:26:03
fedora
fedora
[SECURITY] Fedora 30 Update: mingw-libxslt-1.1.33-1.fc30
2019-06-18 18:15:35
osv
osv
libxslt - security update
2019-07-22 00:00:00
debian
debian
[SECURITY] [DLA 1860-1] libxslt security update
2019-07-22 16:16:47
apple
apple
About the security content of iCloud for Windows 5.2.1 - Apple Support
2017-06-10 11:43:45
About the security content of iTunes 12.4.2 for Windows
2016-07-18 00:00:00
About the security content of iTunes 12.4.2 for Windows - Apple Support
2017-06-10 11:47:52
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.047 Low

EPSS

Percentile

92.5%

JSON
Related for UB:CVE-2016-4607
prion5cve5ubuntucve3debiancve3redhatcve4nessus11openvas7rosalinux1fedora1osv1debian1apple12tenable1