ID

VAR-201607-0354

CVE

CVE-2016-4612

TITLE

plural Apple Product libxslt Service disruption in (DoS) Vulnerabilities

DESCRIPTION

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-1683. Reason: This candidate is a reservation duplicate of CVE-2016-1683. Notes: All CVE users should reference CVE-2016-1683 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. plural Apple Product libxslt There is a service disruption ( Memory corruption ) There are vulnerabilities that are subject to unspecified impact, such as being put into a state. This vulnerability CVE-2016-4607 , CVE-2016-4608 , CVE-2016-4609 ,and CVE-2016-4610 Is a different vulnerability.Service disruption by a third party ( Memory corruption ) There is a possibility of being affected unspecified, such as being in a state. Apple iTunes is prone to multiple memory-corruption vulnerabilities. Successful exploits may allow attackers to execute arbitrary code in the context of the affected system; Failed exploit attempts will cause denial-of-service conditions. Apple iOS, OS X, tvOS, and watchOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. libxslt is an XSLT (XML language for defining XML transformations) C library developed for the GNOME project. A security vulnerability exists in libxslt in several Apple products. A remote attacker could exploit this vulnerability to cause a denial of service (memory corruption). The following products and versions are affected: Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 and iCloud prior to 5.2.1 on Windows-based platforms, tvOS prior to 9.2.2, watchOS Versions prior to 2.2.2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-07-18-2 iOS 9.3.3 iOS 9.3.3 is now available and addresses the following: Calendar Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted calendar invite may cause a device to unexpectedly restart Description: A null pointer dereference was addressed through improved memory handling. CVE-2016-4605 : Henry Feldman MD at Beth Israel Deaconess Medical Center CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) FaceTime Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to read kernel memory Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4628 : Ju Zhu of Trend Micro IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-2016-4627 : Ju Zhu of Trend Micro IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany libxslt Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Redirect responses to invalid ports may have allowed a malicious website to display an arbitrary domain while displaying arbitrary content. This issue was addressed through improved URL display logic. CVE-2016-4604 : xisigr of Tencent's Xuanwu Lab (www.tencent.com) Sandbox Profiles Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins Siri Contacts Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to a device may be able to see private contact information Description: A privacy issue existed in the handling of Contact cards. This was addressed through improved state management. CVE-2016-4593 : Pedro Pinheiro (facebook.com/pedro.pinheiro.1996) Web Media Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a video in Safari's Private Browsing mode displays the URL of the video outside of Private Browsing mode Description: A privacy issue existed in the handling of user data by Safari View Controller. This issue was addressed through improved state management. CVE-2016-4603 : Brian Porter (@portex33) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4589 : Tongbo Luo and Bo Qu of Palo Alto Networks CVE-2016-4622 : Samuel Gross working with Trend Microas Zero Day Initiative CVE-2016-4623 : Apple CVE-2016-4624 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted webpage may lead to a system denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4592 : Mikhail WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may disclose image data from another website Description: A timing issue existed in the processing of SVG. This issue was addressed through improved validation. CVE-2016-4583 : Roeland Krak WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An origin inheritance issue existed in parsing of about: URLs. This was addressed through improved validation of security origins. CVE-2016-4590 : xisigr of Tencent's Xuanwu Lab (www.tencent.com), an anonymous researcher WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may compromise user information on the file system Description: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks. CVE-2016-4591 : ma.la of LINE Corporation WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may result in the disclosure of process memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4587 : Apple WebKit JavaScript Bindings Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to script execution in the context of a non-HTTP service Description: A cross-protocol cross-site scripting (XPXSS) issue existed in Safari when submitting forms to non-HTTP services compatible with HTTP/0.9. This issue was addressed by disabling scripts and plugins on resources loaded over HTTP/0.9. CVE-2016-4651 : Obscure WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: A cross-site scripting issue existed in Safari URL redirection. This issue was addressed through improved URL validation on redirection. CVE-2016-4585 : Takeshi Terada of Mitsui Bussan Secure Directions, Inc. (www.mbsd.jp) WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4584 : Chris Vienneau Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.3.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXjXA4AAoJEIOj74w0bLRGzJ0P/1ry4kKeEmZdCG8n5skZNWcx hvtpxrZVgse6nvkJ5+SPDIOJbGFNUEv4YP5F+MBosr/mLBcmyjPFbbdlEsKE6ffj uS03k0p/9uEczaZrytzwK3AXeKwLP1Q47Yl76sPaKtCYzZF0Qlzype4BXdPW/FnV 5Hg0/EAw9vLUpn36BG7NDH5HPTsTETtjxfNZg25k16DMek90E8DQLGCNFBnT7iY1 lC/4CuMBEeZIsOlM1C6IxrlRtUZCMuNUCE68w944Ne7BJqAM3J3sT6/tQMrqg+2S CVk+4XLey/pi9L6PsR4eSgW80wVLnfoAgEbDnD3ZwWhzrfTqFcvlxDGaxn0LGDf1 H+aalvb8UmNtPr+zQymCGXRBqX9jlzTyRqfoa33R09qJtkSlaeKDbWEdJf706OD6 SeL5rzeeJSjwmrlNzyttnGoH5bsRYb3FhIA5eQlymi4y2EPBXFsQTH2Hxnb06oNo 4XiJx+43+VJ3MUf4v0MHNQqOGlqiw2twSen0mc/3D1IREGFgmL7bszJWALsdElNQ itACX596JCWc/RPzkLkMKZlKfSxG3AYIKgvLVvVodgHjObqLBSgya6hvpZ3jwsDr f9nggrqh0mHCMmPG4fPUvsDBt63TJcTNuTvlv6EWLSDM6B9Yy9FkFjNt3e0LlFEg /esomms9/qUSQyOF2huK =zqBF -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer overflow

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Apple

SOURCES

LAST UPDATE DATE

2023-12-18T11:09:33.301000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE