Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2016-4608
HistoryJul 22, 2016 - 12:00 a.m.

CVE-2016-4608

2016-07-2200:00:00
ubuntu.com
ubuntu.com
7

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.047 Low

EPSS

Percentile

92.5%

JSON

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before
12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and
watchOS before 2.2.2 allows remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact via unknown
vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609,
CVE-2016-4610, and CVE-2016-4612.

Notes

Author Note
sbeattie may be https://bugzilla.gnome.org/show_bug.cgi?id=765380 or https://bugzilla.gnome.org/show_bug.cgi?id=765271 and possibly addressed in 1.1.29; similar for CVE-2016-4612. fixes would be: https://git.gnome.org/browse/libxslt/commit/?id=5d0c6565bab5b9b7efceb33b626916d22b4101a7 https://git.gnome.org/browse/libxslt/commit/?id=d8862309f08054218b28e2c8f5fb3cb2f650cac7 given the above, these were fixed in the upstream 1.1.29 release
sbettie incorporated patches into USN 3271-1
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlibxslt< 1.1.26-8ubuntu1.4UNKNOWN
ubuntu14.04noarchlibxslt< 1.1.28-2ubuntu0.1UNKNOWN
ubuntu16.04noarchlibxslt< 1.1.28-2.1ubuntu0.1UNKNOWN

Related

prion 5
cve 5
ubuntucve 3
debiancve 3
redhatcve 4
nessus 11
openvas 7
rosalinux 1
fedora 1
osv 1
debian 1
apple 12
tenable 1
prion
prion
Memory corruption
2016-07-22 02:59:00
Memory corruption
2016-07-22 02:59:00
Memory corruption
2016-07-22 02:59:00
cve
cve
CVE-2016-4609
2016-07-22 02:59:00
CVE-2016-4607
2016-07-22 02:59:00
CVE-2016-4608
2016-07-22 02:59:00
ubuntucve
ubuntucve
CVE-2016-4607
2016-07-22 00:00:00
CVE-2016-4610
2016-07-22 00:00:00
CVE-2016-4609
2016-07-22 00:00:00
debiancve
debiancve
CVE-2016-4608
2016-07-22 02:59:00
CVE-2016-4609
2016-07-22 02:59:00
CVE-2016-4610
2016-07-22 02:59:00
redhatcve
redhatcve
CVE-2016-4609
2019-05-29 10:53:16
CVE-2016-4608
2019-05-29 10:52:20
CVE-2016-4607
2019-05-29 10:50:38
nessus
nessus
EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2627)
2019-12-18 00:00:00
EulerOS 2.0 SP2 : libxslt (EulerOS-SA-2019-2519)
2019-12-04 00:00:00
Fedora 30 : mingw-libxslt (2019-320d5295fc)
2019-06-19 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2627)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2519)
2020-01-23 00:00:00
Fedora Update for mingw-libxslt FEDORA-2019-320d5295fc
2019-06-19 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1906
2021-07-02 17:26:03
fedora
fedora
[SECURITY] Fedora 30 Update: mingw-libxslt-1.1.33-1.fc30
2019-06-18 18:15:35
osv
osv
libxslt - security update
2019-07-22 00:00:00
debian
debian
[SECURITY] [DLA 1860-1] libxslt security update
2019-07-22 16:16:47
apple
apple
About the security content of iCloud for Windows 5.2.1 - Apple Support
2017-06-10 11:43:45
About the security content of iTunes 12.4.2 for Windows - Apple Support
2017-06-10 11:47:52
About the security content of iCloud for Windows 5.2.1
2016-07-18 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.047 Low

EPSS

Percentile

92.5%

JSON
Related for UB:CVE-2016-4608
prion5cve5ubuntucve3debiancve3redhatcve4nessus11openvas7rosalinux1fedora1osv1debian1apple12tenable1