Sign-up

ID

VAR-201607-0332


CVE

CVE-2016-4588


TITLE

Apple tvOS Used in etc. WebKit Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-004055

DESCRIPTION

WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Apple tvOS Used in etc. WebKit is prone to an unspecified memory-corruption vulnerability. An attacker may exploit this issue by enticing victims into viewing a malicious web page. tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in WebKit in Apple tvOS versions prior to 9.2.2. =========================================================================== Ubuntu Security Notice USN-3079-1 September 14, 2016 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: JavaScript engine library from WebKitGTK+ - GObject introspection Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.12.5-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.12.5-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-3079-1 CVE-2016-1854, CVE-2016-1856, CVE-2016-1857, CVE-2016-1858, CVE-2016-1859, CVE-2016-4583, CVE-2016-4585, CVE-2016-4586, CVE-2016-4588, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591, CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4651 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.12.5-0ubuntu0.16.04.1 . ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2016-0005 ------------------------------------------------------------------------ Date reported : August 25, 2016 Advisory ID : WSA-2016-0005 Advisory URL : https://webkitgtk.org/security/WSA-2016-0005.html CVE identifiers : CVE-2016-4583, CVE-2016-4585, CVE-2016-4586, CVE-2016-4587, CVE-2016-4588, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591, CVE-2016-4592, CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4651. Several vulnerabilities were discovered in WebKitGTK+. CVE-2016-4583 Versions affected: WebKitGTK+ before 2.12.2. Credit to Roeland Krak. CVE-2016-4585 Versions affected: WebKitGTK+ before 2.12.1. Credit to Takeshi Terada of Mitsui Bussan Secure Directions, Inc. (www.mbsd.jp). Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. CVE-2016-4586 Versions affected: WebKitGTK+ before 2.12.1. CVE-2016-4587 Versions affected: WebKitGTK+ before 2.10.1. CVE-2016-4588 Versions affected: WebKitGTK+ before 2.12.3. CVE-2016-4589 Versions affected: WebKitGTK+ before 2.12.3. Credit to Tongbo Luo and Bo Qu of Palo Alto Networks. CVE-2016-4590 Versions affected: WebKitGTK+ before 2.12.4. Credit to xisigr of Tencent's Xuanwu Lab (www.tencent.com). CVE-2016-4591 Versions affected: WebKitGTK+ before 2.12.4. Credit to ma.la of LINE Corporation. CVE-2016-4592 Versions affected: WebKitGTK+ before 2.10.5. Credit to Mikhail. CVE-2016-4622 Versions affected: WebKitGTK+ before 2.12.4. Credit to Samuel Gross working with Trend Micro's Zero Day Initiative. CVE-2016-4623 Versions affected: WebKitGTK+ before 2.12.0. CVE-2016-4624 Versions affected: WebKitGTK+ before 2.12.4. CVE-2016-4651 Versions affected: WebKitGTK+ before 2.12.0. Credit to Obscure. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html The WebKitGTK+ team, August 25, 2016 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-07-18-4 tvOS 9.2.2 tvOS 9.2.2 is now available and addresses the following: CoreGraphics Available for: Apple TV (4th generation) Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex IOAcceleratorFamily Available for: Apple TV (4th generation) Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-2016-4627 : Ju Zhu of Trend Micro IOHIDFamily Available for: Apple TV (4th generation) Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins Kernel Available for: Apple TV (4th generation) Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team Kernel Available for: Apple TV (4th generation) Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent, CESG libxml2 Available for: Apple TV (4th generation) Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck libxml2 Available for: Apple TV (4th generation) Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany libxslt Available for: Apple TV (4th generation) Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire Sandbox Profiles Available for: Apple TV (4th generation) Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4586 : Apple CVE-2016-4588 : Apple CVE-2016-4589 : Tongbo Luo and Bo Qu of Palo Alto Networks CVE-2016-4622 : Samuel Gross working with Trend Microas Zero Day Initiative CVE-2016-4623 : Apple CVE-2016-4624 : Apple WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4587 : Apple WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may compromise user information on the file system Description: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks. CVE-2016-4591 : ma.la of LINE Corporation WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may disclose image data from another website Description: A timing issue existed in the processing of SVG. This issue was addressed through improved validation. This issue was addressed through improved URL validation on redirection. (www.mbsd.jp) Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software.". To check the current version of software, select "Settings -> General -> About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXjXA+AAoJEIOj74w0bLRGi6IP/2DDPP2Z208nJPL0+a+bMJA4 JUIrF0BM4wyr1Hy/Vb2zN5RkAZYeHwq8Jq9av9qu79Xgan2jcgPRWKSAiztp0BMx kYPLi6PrpvWiWLHpqkWGnKVK1LmdBQXKrPsCmMJacKJ2TldBMofAiuh3QrjqZ7ud GVbTB4HkjX2FnpCt25DkUK5Y5oWP8lv4rvB+iTfO/kVGfSMfrTg1HGH3s49+UTHV GICBGi+L8yftmYaM10a5JjnOCRiIKXa95Kt1CTPrDxFSJG2QBmMBvSGV4qivyf6i buqAso81LVWnJBIKjj21usJqm6Q1lqtU5MTElfDq0w/uo7oxL/eWB4e8H0lm9Jow oD+ZepkO0SHQgwNWprMKrEbI/xow1CiYdxj/a8DYSuQicCjPZanQux04MurfmU5Q YEkzj+oxuzBherHAVwqleHEglDOy6CJx/UCVoxnf0Tcj9FQOTzQ+aUqYMXrM33Yu zhU4Eai/9PKLLuqQzhgXYqsSnHKu5ojzesunRo09D+Q1jjSyIXvhmUmCXBgDvcls MfSUjWJJxniqj+C8zFeHuFEbPU70urVmUH7rWSBsRCRhjzwYMAWpPejkT/XDs1qm SCTElHATr+BfvS0v1E5En2xNKXSodyJL1SaK9rHnkre+40+e0IJJbOQzbQH9MAcJ ylGAp0etGDWZ40Q5IyH8 =N/Ug -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2016-4588 // JVNDB: JVNDB-2016-004055 // BID: 92690 // VULHUB: VHN-93407 // PACKETSTORM: 138715 // PACKETSTORM: 138502 // PACKETSTORM: 137961

AFFECTED PRODUCTS

vendor:applemodel:webkitscope:eqversion:*

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:9.2.2 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:webkitscope: - version: -

Trust: 0.6

vendor:webkitmodel:open source project webkitscope:eqversion:0

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:0

Trust: 0.3

vendor:applemodel:tvosscope:neversion:9.2.2

Trust: 0.3

sources: BID: 92690 // JVNDB: JVNDB-2016-004055 // NVD: CVE-2016-4588 // CNNVD: CNNVD-201607-850

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2016-4588
value: HIGH

Trust: 1.8

CNNVD: CNNVD-201607-850
value: HIGH

Trust: 0.6

VULHUB: VHN-93407
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2016-4588
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-93407
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: CVE-2016-4588
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-93407 // JVNDB: JVNDB-2016-004055 // NVD: CVE-2016-4588 // CNNVD: CNNVD-201607-850

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-93407 // JVNDB: JVNDB-2016-004055 // NVD: CVE-2016-4588

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 138715 // CNNVD: CNNVD-201607-850

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201607-850

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2016-4588

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/ht201222
Trust: 0.8
title:APPLE-SA-2016-07-18-4 tvOS 9.2.2url:http://lists.apple.com/archives/security-announce/2016/jul/msg00003.html
Trust: 0.8
title:HT206905url:https://support.apple.com/en-us/ht206905
Trust: 0.8
title:HT206905url:https://support.apple.com/ja-jp/ht206905
Trust: 0.8
title:Apple tvOS WebKit Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63210
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-004055 // 
            
            
            
            CNNVD: CNNVD-201607-850

EXTERNAL IDS
db:NVDid:CVE-2016-4588
Trust: 3.1
db:PACKETSTORMid:138502
Trust: 1.8
db:JVNid:JVNVU94844193
Trust: 0.8
db:JVNDBid:JVNDB-2016-004055
Trust: 0.8
db:CNNVDid:CNNVD-201607-850
Trust: 0.7
db:BIDid:92690
Trust: 0.4
db:VULHUBid:VHN-93407
Trust: 0.1
db:PACKETSTORMid:138715
Trust: 0.1
db:PACKETSTORMid:137961
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93407 // 
            
            
            
            BID: 92690 // 
            
            
            
            JVNDB: JVNDB-2016-004055 // 
            
            
            
            PACKETSTORM: 138715 // 
            
            
            
            PACKETSTORM: 138502 // 
            
            
            
            PACKETSTORM: 137961 // 
            
            
            
            NVD: CVE-2016-4588 // 
            
            
            
            CNNVD: CNNVD-201607-850

REFERENCES
url:http://lists.apple.com/archives/security-announce/2016/jul/msg00003.html
Trust: 1.7
url:http://www.securityfocus.com/archive/1/539295/100/0/threaded
Trust: 1.7
url:https://support.apple.com/ht206905
Trust: 1.7
url:http://packetstormsecurity.com/files/138502/webkitgtk-sop-bypass-information-disclosure.html
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4588
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94844193/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4588
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:http://www.webkit.org/
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4586
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4591
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4583
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4589
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4622
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4585
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4588
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4623
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-4651
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-4590
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-4624
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-4592
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-4587
Trust: 0.2
url:http://www.ubuntu.com/usn/usn-3079-1
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1854
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1856
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/webkit2gtk/2.12.5-0ubuntu0.16.04.1
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1859
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1857
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1858
Trust: 0.1
url:https://webkitgtk.org/security/wsa-2016-0005.html
Trust: 0.1
url:https://webkitgtk.org/security.html
Trust: 0.1
url:https://www.mbsd.jp).
Trust: 0.1
url:https://www.tencent.com).
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4449
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4483
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4616
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4609
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1865
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4619
Trust: 0.1
url:https://www.mbsd.jp)
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1863
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4582
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4615
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1864
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4612
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4614
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4607
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4448
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1684
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4610
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4594
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4608
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4584
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93407 // 
            
            
            
            BID: 92690 // 
            
            
            
            JVNDB: JVNDB-2016-004055 // 
            
            
            
            PACKETSTORM: 138715 // 
            
            
            
            PACKETSTORM: 138502 // 
            
            
            
            PACKETSTORM: 137961 // 
            
            
            
            NVD: CVE-2016-4588 // 
            
            
            
            CNNVD: CNNVD-201607-850

CREDITS
Apple
Trust: 0.4
sources:
            
            
            BID: 92690 // 
            
            
            
            PACKETSTORM: 137961

SOURCES
db:VULHUBid:VHN-93407
db:BIDid:92690
db:JVNDBid:JVNDB-2016-004055
db:PACKETSTORMid:138715
db:PACKETSTORMid:138502
db:PACKETSTORMid:137961
db:NVDid:CVE-2016-4588
db:CNNVDid:CNNVD-201607-850

LAST UPDATE DATE
2023-12-18T11:08:45.215000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-93407date:2019-03-19T00:00:00
db:BIDid:92690date:2016-07-18T00:00:00
db:JVNDBid:JVNDB-2016-004055date:2016-07-29T00:00:00
db:NVDid:CVE-2016-4588date:2019-03-19T01:09:03.663
db:CNNVDid:CNNVD-201607-850date:2019-03-13T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-93407date:2016-07-22T00:00:00
db:BIDid:92690date:2016-07-18T00:00:00
db:JVNDBid:JVNDB-2016-004055date:2016-07-29T00:00:00
db:PACKETSTORMid:138715date:2016-09-14T16:52:04
db:PACKETSTORMid:138502date:2016-08-25T04:44:44
db:PACKETSTORMid:137961date:2016-07-19T20:04:09
db:NVDid:CVE-2016-4588date:2016-07-22T02:59:11.207
db:CNNVDid:CNNVD-201607-850date:2016-07-26T00:00:00