Sign-up

ID

VAR-201605-0425


CVE

CVE-2016-1855


TITLE

Apple Used in products Webkit Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-002797

DESCRIPTION

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1856, and CVE-2016-1857. Apple iOS , Safari and tvOS Used in etc. Attackers can exploit these issues to execute arbitrary code and gain sensitive information. Failed exploit attempts may result in a denial-of-service condition. Apple iOS is an operating system developed for mobile devices; watchOS is an operating system for smart watches. Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-05-16-5 Safari 9.1.1 Safari 9.1.1 is now available and addresses the following: Safari Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5 Impact: A user may be unable to fully delete browsing history Description: "Clear History and Website Data" did not clear the history. The issue was addressed through improved data deletion. CVE-ID CVE-2016-1849 : Adham Ghrayeb WebKit Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5 Impact: Visiting a malicious website may disclose data from another website Description: An insufficient taint tracking issue in the parsing of svg images was addressed through improved taint tracking. CVE-ID CVE-2016-1858 : an anonymous researcher WebKit Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1854 : Anonymous working with Trend Micro's Zero Day Initiative CVE-2016-1855 : Tongbo Luo and Bo Qu of Palo Alto Networks CVE-2016-1856 : lokihardt working with Trend Micro's Zero Day Initiative CVE-2016-1857 : Jeonghoon Shin@A.D.D, Liang Chen, Zhen Feng, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative WebKit Canvas Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1859 : Liang Chen, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative Safari 9.1.1 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXOj0LAAoJEIOj74w0bLRGg00P/15+B1ltGhgazsTVc8eZVaC+ LVe24/wN8yTv8I5N23JLFRcMopJj7GFSEU+ApYvgkgw2U3w5sku7Vz0scG2YYHca ubfUP3GdIsNlgaDMUvBCS3dUyzbK85AYZHhcAvQ4nL60Ttjk2wi9YpnKuY7eTEwi GnMmfuRdmsN6pEIUofCrwtYw2zC4Yte/iyxZSc9vQthqjLqn992FBrWZO6NLnhK8 P1NusAo/Eby/Z8xftS+foHGEcZg2zuKDkJsoHgN+HwiuO8bdiA9ZeqbH2iQIymbo N/PRIP2E1W/RXFodit16oA3PjoHs813WOyoc85mG8yLNOoLXcdpSWqosDKUhrXsF FL4H+O0XCUUDEzYr+kyqj+tvNn3UwnNEcW6ZgyrWBU2w93CG1MpR9eTr4o/xxLd3 2gN4mj8PvK/Or2TVKFBB5rRb+SIKjPqrDyB/NJyqnaLurnuEYjMZv7nM6U3HDFql XxZ3b3jq0uoBXOAAiSm1g6MFgcjkZLcvM55CkljQha5SKCgrUnZ52jsDPqXGfNL7 CUcTUQ8VTtXknASYo6c1dOZs0snCkHNK84iFZdELwQz8t4R6ERH0YmV8yuplqOe2 SoYDJig8OkfdQK3HaL6MTNn7flwAsb/YV17nVYZxINYbkF88ticAH4l/KuCPQyXL 6xvn35QzPS6xQsexYsbi =Ybx7 -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2016-1855 // JVNDB: JVNDB-2016-002797 // BID: 90689 // VULHUB: VHN-90674 // VULMON: CVE-2016-1855 // PACKETSTORM: 137089

AFFECTED PRODUCTS

vendor:applemodel:tvosscope:ltversion:9.2.1

Trust: 1.0

vendor:applemodel:safariscope:ltversion:9.1.1

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:9.3.2

Trust: 1.0

vendor:applemodel:iosscope:ltversion:9.3.2 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.2 (iphone 4s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.2 (ipod touch first 5 after generation )

Trust: 0.8

vendor:applemodel:safariscope:ltversion:9.1.1 (os x el capitan v10.11.5)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:9.1.1 (os x mavericks v10.9.5)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:9.1.1 (os x yosemite v10.10.5)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:9.2.1 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:iphone osscope:eqversion:9.3.1

Trust: 0.6

vendor:applemodel:safariscope:eqversion:9.1

Trust: 0.6

vendor:applemodel:tvscope:eqversion:9.2

Trust: 0.6

vendor:webkitmodel:open source project webkitscope:eqversion:0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.2.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.7

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

sources: BID: 90689 // JVNDB: JVNDB-2016-002797 // CNNVD: CNNVD-201605-474 // NVD: CVE-2016-1855

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-1855
value: HIGH

Trust: 1.0

NVD: CVE-2016-1855
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201605-474
value: HIGH

Trust: 0.6

VULHUB: VHN-90674
value: MEDIUM

Trust: 0.1

VULMON: CVE-2016-1855
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-1855
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-90674
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-1855
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-90674 // VULMON: CVE-2016-1855 // JVNDB: JVNDB-2016-002797 // CNNVD: CNNVD-201605-474 // NVD: CVE-2016-1855

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-90674 // JVNDB: JVNDB-2016-002797 // NVD: CVE-2016-1855

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-474

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201605-474

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-002797

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2016-05-16-5 Safari 9.1.1url:http://lists.apple.com/archives/security-announce/2016/May/msg00005.html
Trust: 0.8
title:APPLE-SA-2016-05-16-2 iOS 9.3.2url:http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
Trust: 0.8
title:APPLE-SA-2016-05-16-1 tvOS 9.2.1url:http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
Trust: 0.8
title:HT206565url:https://support.apple.com/en-us/HT206565
Trust: 0.8
title:HT206568url:https://support.apple.com/en-us/HT206568
Trust: 0.8
title:HT206564url:https://support.apple.com/en-us/HT206564
Trust: 0.8
title:HT206564url:https://support.apple.com/ja-jp/HT206564
Trust: 0.8
title:HT206565url:https://support.apple.com/ja-jp/HT206565
Trust: 0.8
title:HT206568url:https://support.apple.com/ja-jp/HT206568
Trust: 0.8
title:Apple iOS , watchOS , Safari WebKit Fixes for arbitrary code execution vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61788
Trust: 0.6
title:Awesome CVE PoCurl:https://github.com/lnick2023/nicenice 
Trust: 0.1
title:Awesome CVE PoCurl:https://github.com/xbl3/awesome-cve-poc_qazbnm456 
Trust: 0.1
title:Awesome CVE PoCurl:https://github.com/qazbnm456/awesome-cve-poc 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2016-1855 // 
            
            
            
            JVNDB: JVNDB-2016-002797 // 
            
            
            
            CNNVD: CNNVD-201605-474

EXTERNAL IDS
db:NVDid:CVE-2016-1855
Trust: 3.0
db:SECTRACKid:1035888
Trust: 1.8
db:JVNid:JVNVU91632741
Trust: 0.8
db:JVNDBid:JVNDB-2016-002797
Trust: 0.8
db:CNNVDid:CNNVD-201605-474
Trust: 0.7
db:BIDid:90689
Trust: 0.4
db:VULHUBid:VHN-90674
Trust: 0.1
db:VULMONid:CVE-2016-1855
Trust: 0.1
db:PACKETSTORMid:137089
Trust: 0.1
sources:
            
            
            VULHUB: VHN-90674 // 
            
            
            
            VULMON: CVE-2016-1855 // 
            
            
            
            BID: 90689 // 
            
            
            
            JVNDB: JVNDB-2016-002797 // 
            
            
            
            PACKETSTORM: 137089 // 
            
            
            
            CNNVD: CNNVD-201605-474 // 
            
            
            
            NVD: CVE-2016-1855

REFERENCES
url:http://lists.apple.com/archives/security-announce/2016/may/msg00001.html
Trust: 1.8
url:http://lists.apple.com/archives/security-announce/2016/may/msg00002.html
Trust: 1.8
url:http://lists.apple.com/archives/security-announce/2016/may/msg00005.html
Trust: 1.8
url:http://www.securityfocus.com/archive/1/538522/100/0/threaded
Trust: 1.8
url:https://support.apple.com/ht206564
Trust: 1.8
url:https://support.apple.com/ht206565
Trust: 1.8
url:https://support.apple.com/ht206568
Trust: 1.8
url:http://www.securitytracker.com/id/1035888
Trust: 1.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1855
Trust: 0.8
url:http://jvn.jp/vu/jvnvu91632741/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1855
Trust: 0.8
url:http://www.apple.com/ios/
Trust: 0.3
url:http://www.apple.com/safari/download/
Trust: 0.3
url:http://www.apple.com/ipad/
Trust: 0.3
url:http://www.apple.com/iphone/
Trust: 0.3
url:http://www.apple.com/ipodtouch/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.securityfocus.com/bid/90689
Trust: 0.1
url:https://github.com/lnick2023/nicenice
Trust: 0.1
url:https://github.com/qazbnm456/awesome-cve-poc
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1854
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1856
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1855
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1849
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1859
Trust: 0.1
url:http://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1857
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1858
Trust: 0.1
sources:
            
            
            VULHUB: VHN-90674 // 
            
            
            
            VULMON: CVE-2016-1855 // 
            
            
            
            BID: 90689 // 
            
            
            
            JVNDB: JVNDB-2016-002797 // 
            
            
            
            PACKETSTORM: 137089 // 
            
            
            
            CNNVD: CNNVD-201605-474 // 
            
            
            
            NVD: CVE-2016-1855

CREDITS
Anonymous working with Trend Micro's Zero Day Initiative, Tongbo Luo and Bo Qu of Palo Alto Networks, lokihardt working with Trend Micro's Zero Day Initiative, Jeonghoon Shin@A.D.D, Liang Chen, Zhen Feng, wushi of KeenLab, Tencent working with Trend Micro'
Trust: 0.3
sources:
            
            
            BID: 90689

SOURCES
db:VULHUBid:VHN-90674
db:VULMONid:CVE-2016-1855
db:BIDid:90689
db:JVNDBid:JVNDB-2016-002797
db:PACKETSTORMid:137089
db:CNNVDid:CNNVD-201605-474
db:NVDid:CVE-2016-1855

LAST UPDATE DATE
2025-04-13T19:44:46.182000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-90674date:2019-03-25T00:00:00
db:VULMONid:CVE-2016-1855date:2019-03-25T00:00:00
db:BIDid:90689date:2016-07-06T14:52:00
db:JVNDBid:JVNDB-2016-002797date:2016-05-23T00:00:00
db:CNNVDid:CNNVD-201605-474date:2019-03-13T00:00:00
db:NVDid:CVE-2016-1855date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-90674date:2016-05-20T00:00:00
db:VULMONid:CVE-2016-1855date:2016-05-20T00:00:00
db:BIDid:90689date:2016-05-16T00:00:00
db:JVNDBid:JVNDB-2016-002797date:2016-05-23T00:00:00
db:PACKETSTORMid:137089date:2016-05-17T16:10:15
db:CNNVDid:CNNVD-201605-474date:2016-05-20T00:00:00
db:NVDid:CVE-2016-1855date:2016-05-20T11:00:08.957