Sign-up

ID

VAR-201607-0369


CVE

CVE-2016-4631


TITLE

plural Apple Product ImageIO Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-004069

DESCRIPTION

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition. Versions prior to iOS 9.3.3, watchOS 2.2.2, OS X 10.11.6, and tvOS 9.2.2 are vulnerable. Apple iOS is an operating system developed for mobile devices; OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. ImageIO is one of the static methods used to perform common image I/O operations. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-07-18-3 watchOS 2.2.2 watchOS 2.2.2 is now available and addresses the following: CoreGraphics Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) ImageIO Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) ImageIO Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex IOAcceleratorFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-2016-4627 : Ju Zhu of Trend Micro IOAcceleratorFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to read kernel memory Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4628 : Ju Zhu of Trend Micro IOHIDFamily Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent Kernel Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team libxml2 Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck libxml2 Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany libxslt Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire Sandbox Profiles Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/en-us/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXjXA7AAoJEIOj74w0bLRGEXgP+weQFMlAuBOyZg11jFauawDt r+LmaHifpMysV13r6cLkKP6cVqV4G6EEOGp9hSqC2lsHKQYDN5vdyLwLl5sE3kSg PyQgp5iE3Eihe9ArswPbsrm/c1aIMZbKNnAVQkHOQX7STTmYDfp5ATxxFp7yueld 0QVCEbr4QCpqpQCJhqRO7RHWnlOCmTKdYxsD6rYqOEALnZzfB9A5bZPyeM1LNnJL ntom0d1GzuBjowrEIFPyZBE+oZP1wEfUBsYnr5sD5jkAHphMCyI0/MPAwH3181aZ T9jHgJMc/0xlitBHwCT7nv7AE3YpxPYpM8lM1a+cLOfHNaUiX7bfX2w+6PVEDFiP 5X0raq+QYnqKdNXanG2nMhQjIYJEIWbOBKanM7hMWM6C2kd4YAc4eLACX3vObWNS m1Fbj1/Qxqtng0sqw66HhyFEcz9Cqgg7UX2MEmxVV86Oxqcb2PW5XrwUZ9PtgByP ks8UNaOXYKaRo+OIhaAPn1qfSSlhp086LfGPuCm5lP0c5hZ9TfyErWPG+1nhD6Vd l48RQOYcAAE//wMLuSf38CbvS0RVcfzKA6DfUAlEAv0Aw4GOZRNCmtLVZo2QS8kc nUItEluM+03NkqrGROZiyoC+FIrXunr47JzdP5kawB6C1zsJrP2vFr1au9gbwUZ3 nb7PSAEOmpjCwkMbzdvm =l25N -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2016-4631 // JVNDB: JVNDB-2016-004069 // BID: 91834 // VULHUB: VHN-93450 // PACKETSTORM: 137960

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:9.3.3

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:2.2.2

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.11.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:9.2.2

Trust: 1.0

vendor:applemodel:watchosscope:eqversion:2.2.1

Trust: 0.9

vendor:applemodel:mac os xscope:eqversion:10.11 and later

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.3 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.3 (iphone 4s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.3 (ipod touch first 5 after generation )

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:9.2.2 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2.2 (apple watch edition)

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2.2 (apple watch hermes)

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2.2 (apple watch sport)

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:2.2.2 (apple watch)

Trust: 0.8

vendor:applemodel:iphone osscope:eqversion:9.3.2

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.11.5

Trust: 0.6

vendor:applemodel:tvscope:eqversion:9.2.1

Trust: 0.6

vendor:applemodel:watchosscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.2

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:watch sportscope:eqversion:0

Trust: 0.3

vendor:applemodel:watch hermesscope:eqversion:0

Trust: 0.3

vendor:applemodel:watch editionscope:eqversion:0

Trust: 0.3

vendor:applemodel:watchscope:eqversion:0

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.9.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:50

Trust: 0.3

vendor:applemodel:iosscope:eqversion:40

Trust: 0.3

vendor:applemodel:iosscope:eqversion:30

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:watchosscope:neversion:2.2.2

Trust: 0.3

vendor:applemodel:tvosscope:neversion:9.2.2

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.11.6

Trust: 0.3

vendor:applemodel:mac os security updatescope:neversion:x2016

Trust: 0.3

vendor:applemodel:iosscope:neversion:9.3.3

Trust: 0.3

sources: BID: 91834 // JVNDB: JVNDB-2016-004069 // CNNVD: CNNVD-201607-648 // NVD: CVE-2016-4631

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4631
value: HIGH

Trust: 1.0

NVD: CVE-2016-4631
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201607-648
value: HIGH

Trust: 0.6

VULHUB: VHN-93450
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-4631
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93450
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4631
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93450 // JVNDB: JVNDB-2016-004069 // CNNVD: CNNVD-201607-648 // NVD: CVE-2016-4631

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-93450 // JVNDB: JVNDB-2016-004069 // NVD: CVE-2016-4631

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201607-648

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201607-648

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-004069

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2016-07-18-3 watchOS 2.2.2url:http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
Trust: 0.8
title:APPLE-SA-2016-07-18-2 iOS 9.3.3url:http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
Trust: 0.8
title:APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004url:http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
Trust: 0.8
title:APPLE-SA-2016-07-18-4 tvOS 9.2.2url:http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
Trust: 0.8
title:HT206904url:https://support.apple.com/en-us/HT206904
Trust: 0.8
title:HT206902url:https://support.apple.com/en-us/HT206902
Trust: 0.8
title:HT206903url:https://support.apple.com/en-us/HT206903
Trust: 0.8
title:HT206905url:https://support.apple.com/en-us/HT206905
Trust: 0.8
title:HT206905url:https://support.apple.com/ja-jp/HT206905
Trust: 0.8
title:HT206904url:https://support.apple.com/ja-jp/HT206904
Trust: 0.8
title:HT206902url:https://support.apple.com/ja-jp/HT206902
Trust: 0.8
title:HT206903url:https://support.apple.com/ja-jp/HT206903
Trust: 0.8
title:Multiple Apple Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63008
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-004069 // 
            
            
            
            CNNVD: CNNVD-201607-648

EXTERNAL IDS
db:NVDid:CVE-2016-4631
Trust: 2.9
db:BIDid:91834
Trust: 2.0
db:TALOSid:TALOS-2016-0171
Trust: 1.7
db:SECTRACKid:1036344
Trust: 1.7
db:JVNid:JVNVU94844193
Trust: 0.8
db:JVNDBid:JVNDB-2016-004069
Trust: 0.8
db:CNNVDid:CNNVD-201607-648
Trust: 0.7
db:SEEBUGid:SSVID-96729
Trust: 0.1
db:VULHUBid:VHN-93450
Trust: 0.1
db:PACKETSTORMid:137960
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93450 // 
            
            
            
            BID: 91834 // 
            
            
            
            JVNDB: JVNDB-2016-004069 // 
            
            
            
            PACKETSTORM: 137960 // 
            
            
            
            CNNVD: CNNVD-201607-648 // 
            
            
            
            NVD: CVE-2016-4631

REFERENCES
url:http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2016/jul/msg00001.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2016/jul/msg00002.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2016/jul/msg00003.html
Trust: 1.7
url:http://www.securityfocus.com/bid/91834
Trust: 1.7
url:https://support.apple.com/ht206902
Trust: 1.7
url:https://support.apple.com/ht206903
Trust: 1.7
url:https://support.apple.com/ht206904
Trust: 1.7
url:https://support.apple.com/ht206905
Trust: 1.7
url:http://www.talosintelligence.com/reports/talos-2016-0171/
Trust: 1.7
url:http://www.securitytracker.com/id/1036344
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4631
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94844193/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4631
Trust: 0.8
url:http://www.apple.com/ios/
Trust: 0.3
url:http://www.apple.com/accessibility/tvos/
Trust: 0.3
url:http://www.apple.com/watchos-2/
Trust: 0.3
url:http://www.apple.com/ipad/
Trust: 0.3
url:http://www.apple.com/iphone/
Trust: 0.3
url:http://www.apple.com/ipodtouch/
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4637
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4449
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4483
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1836
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4616
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4609
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4626
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1865
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4627
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4619
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4447
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1863
Trust: 0.1
url:https://support.apple.com/en-us/ht204641
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4582
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4615
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1864
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4628
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4632
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4612
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4614
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4607
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4448
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4631
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1684
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4610
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4594
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4608
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93450 // 
            
            
            
            BID: 91834 // 
            
            
            
            JVNDB: JVNDB-2016-004069 // 
            
            
            
            PACKETSTORM: 137960 // 
            
            
            
            CNNVD: CNNVD-201607-648 // 
            
            
            
            NVD: CVE-2016-4631

CREDITS
Evgeny Sidorov of Yandex,Stefan Esser of SektionEins, Tyler Bohan of Cisco Talos (talosintel.com/vulnerability-reports), Nick Wellnhofer
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201607-648

SOURCES
db:VULHUBid:VHN-93450
db:BIDid:91834
db:JVNDBid:JVNDB-2016-004069
db:PACKETSTORMid:137960
db:CNNVDid:CNNVD-201607-648
db:NVDid:CVE-2016-4631

LAST UPDATE DATE
2025-04-13T20:10:06.382000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-93450date:2019-03-25T00:00:00
db:BIDid:91834date:2016-07-18T00:00:00
db:JVNDBid:JVNDB-2016-004069date:2016-07-29T00:00:00
db:CNNVDid:CNNVD-201607-648date:2019-03-13T00:00:00
db:NVDid:CVE-2016-4631date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-93450date:2016-07-22T00:00:00
db:BIDid:91834date:2016-07-18T00:00:00
db:JVNDBid:JVNDB-2016-004069date:2016-07-29T00:00:00
db:PACKETSTORMid:137960date:2016-07-19T20:00:50
db:CNNVDid:CNNVD-201607-648date:2016-07-21T00:00:00
db:NVDid:CVE-2016-4631date:2016-07-22T02:59:51.727