ID

VAR-201607-0373

CVE

CVE-2016-4635

TITLE

Apple iOS and OS X of FaceTime Vulnerabilities in spoofing transfer call termination

DESCRIPTION

FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors. Apple Mac OS X and iOS are prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. in the United States. FaceTime is one of those video calling software. CVE-2016-4662: Apple AppleSMC Available for: macOS Sierra 10.12 Impact: A local user may be able to elevate privileges Description: A null pointer dereference was addressed through improved locking. CVE-2016-4671: Ke Liu of Tencent's Xuanwu Lab, Juwei Lin (@fuzzerDOTcn) ImageIO Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6 Impact: Processing a maliciously crafted image may result in the disclosure of process memory Description: An out-of-bounds read issue existed in the SGI image parsing. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-10-24-1 iOS 10.1 iOS 10.1 is now available and addresses the following: CFNetwork Proxies Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: A phishing issue existed in the handling of proxy credentials. This issue was addressed by removing unsolicited proxy password authentication prompts. CVE-2016-7579: Jerry Decime Contacts Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to maintain access to the Address Book after access is revoked in Settings Description: An access control issue in the Address Book was addressed through improved file-link validation. CVE-2016-4686: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) CoreGraphics Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent FaceTime Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635: Martin Vigo (@martin_vigo) of salesforce.com FontParser Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Parsing a maliciously crafted font may disclose sensitive user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4660: Ke Liu of Tencent's Xuanwu Lab Kernel Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to disclose kernel memory Description: A validation issue was addressed through improved input sanitization. CVE-2016-4680: Max Bazaliy of Lookout and in7egral libarchive Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A malicious archive may be able to overwrite arbitrary files Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization. CVE-2016-4679: Omer Medan of enSilo Ltd libxpc Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to execute arbitrary code with root privileges Description: A logic issue was addressed through additional restrictions. CVE-2016-4675: Ian Beer of Google Project Zero Sandbox Profiles Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to retrieve metadata of photo directories Description: An access issue was addressed through additional sandbox restrictions on third party applications. CVE-2016-4664: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) Sandbox Profiles Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to retrieve metadata of audio recording directories Description: An access issue was addressed through additional sandbox restrictions on third party applications. CVE-2016-4665: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) System Boot Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation. CVE-2016-4669: Ian Beer of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4677: An anonymous researcher working with Trend Micro's Zero Day Initiative Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.1". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYDlqUAAoJEIOj74w0bLRGj64P/1A9yH47yTZLjBHdmy+eoz/d 5AZSnF/cyDeyeTb+Z8ELzVJMsucpJy7Xyv32IxvgSji8IplKkinw66j7mErs1/YY q/IQCD8NM6IOZVcgiL/aUDFWtxmAUHwRftAk36RTaglMoeWx23I36NFN7xbhWUL5 EyMXoQzNUHQ38bReQqpXEEwydMin1iFPed0207714PnmfvM7o5LGRBRjjJ1gOQLq HSNKfay/L1hSFZFkwkjqgvbelRzhvDr4eqEFriBf39u8a8uLAG92fuV9QMoF7p7q paXwZk4fWMlHi8Xr3fg2gaW0MjSMrz6oJwOpZRdPKwLl2IW7fMuk+oIBPcRVl8m/ yxZxZlq4DpCjnp0mfNRx9YuVWwCKNjqtzYj1hirhL654jkTW+1cO1rvewVFOPPIs MEYoSecYN09g7aBer0tPE4GcekMW0cEV4rzQI/0Jy+lIfdFwSjmz1GdZnpPMIwZl RmI/Eda0O9OkwNbqU+E+6DdCL2r/cCflj3QwNxEDtYNgCPuz7tlwVBqqkewVVYH2 AqQtNQZEXeRDS04ncQgrhoXnTfcnM1TRaOzuy58/sJfk707TV9NZiahMiEbqUxhe fahnRE4YUFpvwJZFegNKztUrdeNe56YAhBTksDNA49rpY4TgN8x5G2byt5txr7xV m7KJFe1t8NabLisqOrHI =vxwr -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

information disclosure

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Martin Vigo

SOURCES

LAST UPDATE DATE

2025-04-13T20:54:47.431000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE