ID

VAR-201609-0247


CVE

CVE-2016-4749


TITLE

Vulnerability in Printing UIKit in Apple iOS that allows cleartext AirPrint preview content to be obtained

Trust: 0.8

sources: JVNDB: JVNDB-2016-004776

DESCRIPTION

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file. Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions and perform unauthorized actions or obtain sensitive information. Versions prior to iOS 10 are vulnerable. Apple iOS is an operating system developed by Apple for mobile devices. Printing UIKit is one of the printing control packages. The vulnerability stems from the program's improper handling of environment variables.

APPLE-SA-2016-09-13-1 iOS 10

iOS 10 is now available and addresses the following:

Assets
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker in a privileged network position may be able to block a device from receiving software updates
Description: An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed by using HTTPS for software updates.
CVE-2016-4741 : Raul Siles of DinoSec

GeoServices
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An application may be able to read sensitive location information
Description: A permissions issue existed in PlaceData. This issue was addressed through improved permission validation.
CVE-2016-4719 : Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)

Keyboards
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: Keyboard auto correct suggestions may reveal sensitive information
Description: The iOS keyboard was inadvertently caching sensitive information. This issue was addressed through improved heuristics.
CVE-2016-4746 : Antoine M of France

Mail
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker with a privileged network position may be able to intercept mail credentials
Description: An issue existed when handling untrusted certificates. This was addressed by terminating untrusted connections.
CVE-2016-4747 : Dave Aitel

Messages
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: Messages may be visible on a device that has not signed in to Messages
Description: An issue existed when using Handoff for Messages. This issue was resolved via better state management.
CVE-2016-4740 : Step Wallace

Printing UIKit
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An unencrypted document may be written to a temporary file when using AirPrint preview
Description: An issue existed in AirPrint preview. This was addressed through improved environment sanitization.
CVE-2016-4749 : an anonymous researcher

Sandbox Profiles
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: A malicious application may be able to determine whom a user is texting
Description: An access control issue existed in SMS draft directories. This issue was addressed by preventing apps from stat'ing the affected directories.
CVE-2016-4620 : Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "10".

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

Trust: 2.07

sources: NVD: CVE-2016-4749 // JVNDB: JVNDB-2016-004776 // BID: 92932 // VULHUB: VHN-93568 // PACKETSTORM: 138737

AFFECTED PRODUCTS

vendor: apple, model: iphone os, scope: lte, version: 9.3.5

Trust: 1.0

vendor: apple, model: ios, scope: lt, version: 10 (iPad 4th generation and later)

Trust: 0.8

vendor: apple, model: ios, scope: lt, version: 10 (iPhone 5 and later)

Trust: 0.8

vendor: apple, model: ios, scope: lt, version: 10 (iPod touch 6th generation and later)

Trust: 0.8

vendor: apple, model: iphone os, scope: eq, version: 9.3.5

Trust: 0.6

vendor: apple, model: watchos, scope: eq, version: 2.2.2

Trust: 0.3

vendor: apple, model: watchos, scope: eq, version: 2.2.1

Trust: 0.3

vendor: apple, model: watchos, scope: eq, version: 2.0.1

Trust: 0.3

vendor: apple, model: watchos, scope: eq, version: 1.0.1

Trust: 0.3

vendor: apple, model: watchos, scope: eq, version: 2.2

Trust: 0.3

vendor: apple, model: watchos, scope: eq, version: 2.1

Trust: 0.3

vendor: apple, model: watchos, scope: eq, version: 2.0

Trust: 0.3

vendor: apple, model: watchos, scope: eq, version: 1.0

Trust: 0.3

vendor: apple, model: ipod touch, scope: eq, version: 0

Trust: 0.3

vendor: apple, model: iphone, scope: eq, version: 0

Trust: 0.3

vendor: apple, model: ipad, scope: eq, version: 0

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 50

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 40

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 30

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.3.4

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.3.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.3.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.3.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.2.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.0.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.0.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.4.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.0.6

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.0.5

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.0.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.0.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.0.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6.3.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6.1.6

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6.1.4

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6.1.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.0.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.0.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 3.2.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 3.2.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.3.5

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 9

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.4

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.1.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.1.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.1.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 8

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.1.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.1.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7.0.4

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 7

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6.0.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6.0.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 6

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 5.1.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 5.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 5.0.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 5

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.3.5

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.3.4

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.3.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.3.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.3.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.3

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2.9

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2.8

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2.7

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2.6

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2.5

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2.10

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 4

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 3.2

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 3.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 3.0

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 2.1

Trust: 0.3

vendor: apple, model: ios, scope: eq, version: 2.0

Trust: 0.3

vendor: apple, model: watchos, scope: ne, version: 3.0

Trust: 0.3

vendor: apple, model: ios, scope: ne, version: 10

Trust: 0.3

sources: BID: 92932 // JVNDB: JVNDB-2016-004776 // CNNVD: CNNVD-201609-262 // NVD: CVE-2016-4749

CVSS

SEVERITY

nvd@nist.gov: CVE-2016-4749
value: LOW

Trust: 1.0

NVD: CVE-2016-4749
value: LOW

Trust: 0.8

CNNVD: CNNVD-201609-262
value: LOW

Trust: 0.6

VULHUB: VHN-93568
value: LOW

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2016-4749
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93568
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2016-4749
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93568 // JVNDB: JVNDB-2016-004776 // CNNVD: CNNVD-201609-262 // NVD: CVE-2016-4749

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-93568 // JVNDB: JVNDB-2016-004776 // NVD: CVE-2016-4749

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201609-262

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201609-262

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004776

PATCH

title: Apple security updates, url: https://support.apple.com/en-us/HT201222

Trust: 0.8

title: APPLE-SA-2016-09-13-1 iOS 10, url: http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html

Trust: 0.8

title: HT207143, url: https://support.apple.com/en-us/HT207143

Trust: 0.8

title: HT207143, url: https://support.apple.com/ja-jp/HT207143

Trust: 0.8

title: Apple iOS Printing UIKit Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64071

Trust: 0.6

sources: JVNDB: JVNDB-2016-004776 // CNNVD: CNNVD-201609-262

EXTERNAL IDS

db: NVD, id: CVE-2016-4749

Trust: 2.9

db: BID, id: 92932

Trust: 2.0

db: SECTRACK, id: 1036797

Trust: 1.1

db: JVN, id: JVNVU93841436

Trust: 0.8

db: JVNDB, id: JVNDB-2016-004776

Trust: 0.8

db: CNNVD, id: CNNVD-201609-262

Trust: 0.7

db: VULHUB, id: VHN-93568

Trust: 0.1

db: PACKETSTORM, id: 138737

Trust: 0.1

sources: VULHUB: VHN-93568 // BID: 92932 // JVNDB: JVNDB-2016-004776 // PACKETSTORM: 138737 // CNNVD: CNNVD-201609-262 // NVD: CVE-2016-4749

REFERENCES

url:http://www.securityfocus.com/bid/92932

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2016/sep/msg00002.html

Trust: 1.1

url:http://lists.apple.com/archives/security-announce/2016/sep/msg00008.html

Trust: 1.1

url:https://support.apple.com/ht207143

Trust: 1.1

url:http://www.securitytracker.com/id/1036797

Trust: 1.1

url:http://www.apple.com/ios/

Trust: 0.9

url:http://www.apple.com/ipad/

Trust: 0.9

url:http://www.apple.com/iphone/

Trust: 0.9

url:http://www.apple.com/ipodtouch/

Trust: 0.9

url:https://support.apple.com/en-in/ht207143

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4749

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93841436/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4749

Trust: 0.8

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4747

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4741

Trust: 0.1

url:https://gpgtools.org

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4740

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4746

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4620

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4749

Trust: 0.1

sources: VULHUB: VHN-93568 // BID: 92932 // JVNDB: JVNDB-2016-004776 // PACKETSTORM: 138737 // CNNVD: CNNVD-201609-262 // NVD: CVE-2016-4749

CREDITS

Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, Step Wa, Ahmad-Reza Sadeghi (TU Darmstadt), Raul Siles of DinoSec, Dave Aitel, Antoine M of France, William Enck (North Carolina State University); Lucas Vincenzo Davi, Step Wal

Trust: 0.6

sources: CNNVD: CNNVD-201609-262

SOURCES

db: VULHUB, id: VHN-93568
db: BID, id: 92932
db: JVNDB, id: JVNDB-2016-004776
db: PACKETSTORM, id: 138737
db: CNNVD, id: CNNVD-201609-262
db: NVD, id: CVE-2016-4749

LAST UPDATE DATE

2025-04-13T19:55:42.110000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-93568, date: 2017-08-13T00:00:00
db: BID, id: 92932, date: 2019-04-12T21:00:00
db: JVNDB, id: JVNDB-2016-004776, date: 2016-09-20T00:00:00
db: CNNVD, id: CNNVD-201609-262, date: 2019-04-15T00:00:00
db: NVD, id: CVE-2016-4749, date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: VULHUB, id: VHN-93568, date: 2016-09-18T00:00:00
db: BID, id: 92932, date: 2016-09-13T00:00:00
db: JVNDB, id: JVNDB-2016-004776, date: 2016-09-20T00:00:00
db: PACKETSTORM, id: 138737, date: 2016-09-14T23:01:11
db: CNNVD, id: CNNVD-201609-262, date: 2016-09-14T00:00:00
db: NVD, id: CVE-2016-4749, date: 2016-09-18T22:59:10.563