Details of VAR-201607-0368

ID

VAR-201607-0368

CVE

CVE-2016-4630

TITLE

Apple OS X of ImageIO Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-004027

DESCRIPTION

ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. Apple Mac OS X 10.9.5, 10.10.5 and 10.11 through 10.11.5 are vulnerable. ImageIO is one of the static methods used to perform common image I/O operations

Trust: 1.98

sources: NVD: CVE-2016-4630 // JVNDB: JVNDB-2016-004027 // BID: 91824 // VULHUB: VHN-93449

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.5	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11 and later	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.9.5	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.11.6	Trust: 0.3
vendor:	apple	model:	mac os security update	scope:	ne	version:	x2016	Trust: 0.3

sources: BID: 91824 // JVNDB: JVNDB-2016-004027 // CNNVD: CNNVD-201607-885 // NVD: CVE-2016-4630

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4630
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-4630
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201607-885
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-93449
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-4630
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-93449
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-4630
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-93449 // JVNDB: JVNDB-2016-004027 // CNNVD: CNNVD-201607-885 // NVD: CVE-2016-4630

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-93449 // JVNDB: JVNDB-2016-004027 // NVD: CVE-2016-4630

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201607-885

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201607-885

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004027

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004	url:	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html	Trust: 0.8
title:	HT206903	url:	https://support.apple.com/en-us/HT206903	Trust: 0.8
title:	HT206903	url:	https://support.apple.com/ja-jp/HT206903	Trust: 0.8
title:	Apple OS X ImageIO Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63245	Trust: 0.6

sources: JVNDB: JVNDB-2016-004027 // CNNVD: CNNVD-201607-885

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4630	Trust: 2.8
db:	BID	id:	91824	Trust: 1.4
db:	SECTRACK	id:	1036348	Trust: 1.1
db:	TALOS	id:	TALOS-2016-0181	Trust: 1.1
db:	JVN	id:	JVNVU94844193	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-004027	Trust: 0.8
db:	CNNVD	id:	CNNVD-201607-885	Trust: 0.7
db:	TALOS	id:	TALOS-2016-0171	Trust: 0.6
db:	ZDI	id:	ZDI-16-496	Trust: 0.3
db:	ZDI	id:	ZDI-16-437	Trust: 0.3
db:	ZDI	id:	ZDI-16-431	Trust: 0.3
db:	ZDI	id:	ZDI-16-435	Trust: 0.3
db:	SEEBUG	id:	SSVID-96728	Trust: 0.1
db:	VULHUB	id:	VHN-93449	Trust: 0.1

sources: VULHUB: VHN-93449 // BID: 91824 // JVNDB: JVNDB-2016-004027 // CNNVD: CNNVD-201607-885 // NVD: CVE-2016-4630

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html	Trust: 1.7
url:	https://support.apple.com/ht206903	Trust: 1.7
url:	http://www.securityfocus.com/bid/91824	Trust: 1.1
url:	http://www.talosintelligence.com/reports/talos-2016-0181/	Trust: 1.1
url:	https://github.com/openexr/openexr/issues/563	Trust: 1.1
url:	http://www.securitytracker.com/id/1036348	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4630	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu94844193/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4630	Trust: 0.8
url:	http://www.talosintelligence.com/reports/talos-2016-0171/	Trust: 0.6
url:	https://support.apple.com/ht206905	Trust: 0.6
url:	https://support.apple.com/ht206904	Trust: 0.6
url:	https://support.apple.com/ht206902	Trust: 0.6
url:	http://lists.apple.com/archives/security-announce/2016/jul/msg00002.html	Trust: 0.6
url:	http://lists.apple.com/archives/security-announce/2016/jul/msg00001.html	Trust: 0.6
url:	http://lists.apple.com/archives/security-announce/2016/jul/msg00003.html	Trust: 0.6
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-431/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-435/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-437/	Trust: 0.3
url:	apple os x acmp4aacbasedecoder out-of-bounds read information disclosure vulnerability	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-496/	Trust: 0.3

sources: VULHUB: VHN-93449 // BID: 91824 // JVNDB: JVNDB-2016-004027 // CNNVD: CNNVD-201607-885 // NVD: CVE-2016-4630

CREDITS

Jonathan Lewis from DeARX Services (PTY) LTD, Ke Liu of Tencent's Xuanwu Lab, Ian Beer of Google Project Zero, Tyler Bohan of Cisco Talos, Stefan Esser of SektionEins, Yubin Fu of Tencent KeenLab working with TrendMicro's Zero Day Initiative, Abhinav Bansa

Trust: 0.3

sources: BID: 91824

SOURCES

db:	VULHUB	id:	VHN-93449
db:	BID	id:	91824
db:	JVNDB	id:	JVNDB-2016-004027
db:	CNNVD	id:	CNNVD-201607-885
db:	NVD	id:	CVE-2016-4630

LAST UPDATE DATE

2025-04-13T19:45:03.241000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-93449	date:	2017-09-01T00:00:00
db:	BID	id:	91824	date:	2016-08-29T19:00:00
db:	JVNDB	id:	JVNDB-2016-004027	date:	2016-07-28T00:00:00
db:	CNNVD	id:	CNNVD-201607-885	date:	2016-07-26T00:00:00
db:	NVD	id:	CVE-2016-4630	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-93449	date:	2016-07-22T00:00:00
db:	BID	id:	91824	date:	2016-07-18T00:00:00
db:	JVNDB	id:	JVNDB-2016-004027	date:	2016-07-28T00:00:00
db:	CNNVD	id:	CNNVD-201607-885	date:	2016-07-26T00:00:00
db:	NVD	id:	CVE-2016-4630	date:	2016-07-22T02:59:50.570