Sign-up

ID

VAR-201609-0245


CVE

CVE-2016-4747


TITLE

Apple iOS Vulnerability in obtaining email credentials in email

Trust: 0.8

sources: JVNDB: JVNDB-2016-004775

DESCRIPTION

Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions and perform unauthorized actions or obtain sensitive information. Versions prior to iOS 10 are vulnerable. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Mail is one of the mail clients. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-13-1 iOS 10 iOS 10 is now available and addresses the following: Assets Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker in a privileged network position may be able to block a device from receiving software updates Description: An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed by using HTTPS for software updates. CVE-2016-4741 : Raul Siles of DinoSec GeoServices Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to read sensitive location information Description: A permissions issue existed in PlaceData. This issue was addressed through improved permission validation. CVE-2016-4719 : Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) Keyboards Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Keyboard auto correct suggestions may reveal sensitive information Description: The iOS keyboard was inadvertently caching sensitive information. This issue was addressed through improved heuristics. CVE-2016-4746 : Antoine M of France Mail Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker with a privileged network position may be able to intercept mail credentials Description: An issue existed when handling untrusted certificates. This was addressed by terminating untrusted connections. CVE-2016-4747 : Dave Aitel Messages Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Messages may be visible on a device that has not signed in to Messages Description: An issue existed when using Handoff for Messages. This issue was resolved via better state management. CVE-2016-4740 : Step Wallace Printing UIKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An unencrypted document may be written to a temporary file when using AirPrint preview Description: An issue existed in AirPrint preview. This was addressed through improved environment sanitization. CVE-2016-4749 : an anonymous researcher Sandbox Profiles Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A malicious application may be able to determine whom a user is texting Description: An access control issue existed in SMS draft directories. This issue was addressed by preventing apps from stat'ing the affected directories. CVE-2016-4620 : Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJX2FJ5AAoJEIOj74w0bLRGa6sQAMPluedIChXWvW/EaZwX/EQ1 cWc7AmcLoWQskymTmN3pzy/WPARDaBFPrMlkGK3KvpB8bvPSFcp+1QI6vUFwLhyV s3Rj5qlqQmEKlyC53BjxrdcbnHGOFzsApEZ43+awZQnDVOnGPQP+NAgq8HUDxy/g 8BK2kdmj++8bEA6MgwaeMNxjzEDXMALxdFBVD3kPUH2na1Y3aji8LQoaDc0OzsqJ nNYmuFbJAAsDAhpuN5fQYhCZhXbiNnQ0b+4X9tALwDAAIxU4nDRlCk8wc+S3MkVZ L78dW+0H0wV1kLyUmjK+sbRjPa56MCd35C3xylDJFVfvWzxjISmGvZvGyXNphQ67 ibbo9NUZArLAGQrXOlY31W5JGegnV2ex6GUmEELsTlPLv3FL5a4sgKVvYY0d9wYz Awa6GG1IjyeWA776ati/gUQYyfnaNn81ccvOdzm97IKETMn5KX15xdgUN6Amqu5H J2q56H4zM6HRIqOUOOWHMoVFMmfeH27c8pbgAi2BIrQOw2jlCoxolwuhfkperoN3 iaUpWIhmmqLxyFpYBwNkEs0/rbVo68fCGQ6eHWPdwr8AVs8aYecUtT8yFFEIpZFy FajGgKdBKrxoXuzNJpBRT3LvZ6tmbEq9u7Lo4DVNNjA5AIgejpyHk3f6OX951a5z SRLzhSdcnaoOnuDWwk/v =Mouo -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2016-4747 // JVNDB: JVNDB-2016-004775 // BID: 92932 // VULHUB: VHN-93566 // PACKETSTORM: 138737

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:lteversion:9.3.5

Trust: 1.0

vendor:applemodel:iosscope:ltversion:10 (ipad first 4 after generation )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10 (iphone 5 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10 (ipod touch first 6 after generation )

Trust: 0.8

vendor:applemodel:iphone osscope:eqversion:9.3.5

Trust: 0.6

vendor:applemodel:watchosscope:eqversion:2.2.2

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.2.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.2

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:50

Trust: 0.3

vendor:applemodel:iosscope:eqversion:40

Trust: 0.3

vendor:applemodel:iosscope:eqversion:30

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:watchosscope:neversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:neversion:10

Trust: 0.3

sources: BID: 92932 // JVNDB: JVNDB-2016-004775 // CNNVD: CNNVD-201609-260 // NVD: CVE-2016-4747

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4747
value: LOW

Trust: 1.0

NVD: CVE-2016-4747
value: LOW

Trust: 0.8

CNNVD: CNNVD-201609-260
value: MEDIUM

Trust: 0.6

VULHUB: VHN-93566
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-4747
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93566
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4747
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93566 // JVNDB: JVNDB-2016-004775 // CNNVD: CNNVD-201609-260 // NVD: CVE-2016-4747

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-93566 // JVNDB: JVNDB-2016-004775 // NVD: CVE-2016-4747

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201609-260

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201609-260

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-004775

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2016-09-13-1 iOS 10url:http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html
Trust: 0.8
title:HT207143url:https://support.apple.com/en-us/HT207143
Trust: 0.8
title:HT207143url:https://support.apple.com/ja-jp/HT207143
Trust: 0.8
title:Apple iOS Mail Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64069
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-004775 // 
            
            
            
            CNNVD: CNNVD-201609-260

EXTERNAL IDS
db:NVDid:CVE-2016-4747
Trust: 2.9
db:BIDid:92932
Trust: 2.0
db:SECTRACKid:1036797
Trust: 1.1
db:JVNid:JVNVU93841436
Trust: 0.8
db:JVNDBid:JVNDB-2016-004775
Trust: 0.8
db:CNNVDid:CNNVD-201609-260
Trust: 0.7
db:VULHUBid:VHN-93566
Trust: 0.1
db:PACKETSTORMid:138737
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93566 // 
            
            
            
            BID: 92932 // 
            
            
            
            JVNDB: JVNDB-2016-004775 // 
            
            
            
            PACKETSTORM: 138737 // 
            
            
            
            CNNVD: CNNVD-201609-260 // 
            
            
            
            NVD: CVE-2016-4747

REFERENCES
url:http://www.securityfocus.com/bid/92932
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2016/sep/msg00002.html
Trust: 1.1
url:http://lists.apple.com/archives/security-announce/2016/sep/msg00008.html
Trust: 1.1
url:https://support.apple.com/ht207143
Trust: 1.1
url:http://www.securitytracker.com/id/1036797
Trust: 1.1
url:http://www.apple.com/ios/
Trust: 0.9
url:http://www.apple.com/ipad/
Trust: 0.9
url:http://www.apple.com/iphone/
Trust: 0.9
url:http://www.apple.com/ipodtouch/
Trust: 0.9
url:https://support.apple.com/en-in/ht207143
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4747
Trust: 0.8
url:http://jvn.jp/vu/jvnvu93841436/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4747
Trust: 0.8
url:https://www.apple.com/itunes/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4747
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4741
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4740
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4746
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4719
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4620
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4749
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93566 // 
            
            
            
            BID: 92932 // 
            
            
            
            JVNDB: JVNDB-2016-004775 // 
            
            
            
            PACKETSTORM: 138737 // 
            
            
            
            CNNVD: CNNVD-201609-260 // 
            
            
            
            NVD: CVE-2016-4747

CREDITS
Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, Step Wa, Ahmad-Reza Sadeghi (TU Darmstadt),Raul Siles of DinoSec, Dave Aitel, Antoine M of France, William Enck (North Carolina State University); Lucas Vincenzo Davi, Step Wal
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201609-260

SOURCES
db:VULHUBid:VHN-93566
db:BIDid:92932
db:JVNDBid:JVNDB-2016-004775
db:PACKETSTORMid:138737
db:CNNVDid:CNNVD-201609-260
db:NVDid:CVE-2016-4747

LAST UPDATE DATE
2025-04-13T20:28:31.191000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-93566date:2017-08-13T00:00:00
db:BIDid:92932date:2019-04-12T21:00:00
db:JVNDBid:JVNDB-2016-004775date:2016-09-20T00:00:00
db:CNNVDid:CNNVD-201609-260date:2019-04-15T00:00:00
db:NVDid:CVE-2016-4747date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-93566date:2016-09-18T00:00:00
db:BIDid:92932date:2016-09-13T00:00:00
db:JVNDBid:JVNDB-2016-004775date:2016-09-20T00:00:00
db:PACKETSTORMid:138737date:2016-09-14T23:01:11
db:CNNVDid:CNNVD-201609-260date:2016-09-14T00:00:00
db:NVDid:CVE-2016-4747date:2016-09-18T22:59:09.110