Details of VAR-201702-0195

ID

VAR-201702-0195

CVE

CVE-2016-7596

TITLE

Apple macOS of Bluetooth Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2016-007386

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-12-13-1 macOS 10.12.2 macOS 10.12.2 is now available and addresses the following: apache_mod_php Available for: macOS Sierra 10.12.1 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26. CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-7609: daybreaker@Minionz working with Trend Micro's Zero Day Initiative Assets Available for: macOS Sierra 10.12.1 Impact: A local attacker may modify downloaded mobile assets Description: A permissions issue existed in mobile assets. This issue was addressed through improved access restrictions. CVE-2016-7628: an anonymous researcher Audio Available for: macOS Sierra 10.12.1 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-7658: Haohao Kong of Keen Lab (@keen_lab) of Tencent CVE-2016-7659: Haohao Kong of Keen Lab (@keen_lab) of Tencent Bluetooth Available for: macOS Sierra 10.12.1, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-7596: Pekka Oikarainen, Matias Karhumaa and Marko Laakso of Synopsys Software Integrity Group Bluetooth Available for: macOS Sierra 10.12.1 Impact: An application may be able to cause a denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-7617: Radu Motspan working with Trend Micro's Zero Day Initiative, Ian Beer of Google Project Zero CoreCapture Available for: macOS Sierra 10.12.1 and OS X El Capitan v10.11.6 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved state management. CVE-2016-7604: daybreaker of Minionz CoreFoundation Available for: macOS Sierra 10.12.1 Impact: Processing malicious strings may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of strings. This issue was addressed through improved bounds checking. CVE-2016-7663: an anonymous researcher CoreGraphics Available for: macOS Sierra 10.12.1 Impact: Processing a maliciously crafted font file may lead to unexpected application termination Description: A null pointer dereference was addressed through improved input validation. CVE-2016-7627: TRAPMINE Inc. CVE-2016-7655: Keen Lab working with Trend Micro's Zero Day Initiative CoreMedia Playback Available for: macOS Sierra 10.12.1 Impact: Processing a maliciously crafted .mp4 file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-7588: dragonltx of Huawei 2012 Laboratories CoreStorage Available for: macOS Sierra 10.12.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-7603: daybreaker@Minionz working with Trend Micro's Zero Day Initiative CoreText Available for: macOS Sierra 10.12.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-2016-7595: riusksk(ae3aY=) of Tencent Security Platform Department curl Available for: macOS Sierra 10.12.1 Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0. CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-7141 CVE-2016-7167 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Directory Services Available for: macOS Sierra 10.12.1 Impact: A local user may be able to gain root privileges Description: A use after free issue was addressed through improved memory management. CVE-2016-7633: Ian Beer of Google Project Zero Disk Images Available for: macOS Sierra 10.12.1 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-7616: daybreaker@Minionz working with Trend Micro's Zero Day Initiative FontParser Available for: macOS Sierra 10.12.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-2016-4691: riusksk(ae3aY=) of Tencent Security Platform Department FontParser Available for: macOS Sierra 10.12.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking. CVE-2016-4688: Simon Huang of Alipay company, thelongestusernameofall@gmail.com Foundation Available for: macOS Sierra 10.12.1 Impact: Opening a maliciously crafted .gcx file may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-7618: riusksk(ae3aY=) of Tencent Security Platform Department Grapher Available for: macOS Sierra 10.12.1 Impact: Opening a maliciously crafted .gcx file may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-7622: riusksk(ae3aY=) of Tencent Security Platform Department ICU Available for: macOS Sierra 10.12.1 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-7594: AndrA(c) Bargull ImageIO Available for: macOS Sierra 10.12.1 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-7602: daybreaker@Minionz working with Trend Micro's Zero Day Initiative IOAcceleratorFamily Available for: macOS Sierra 10.12.1 Impact: A local user may be able to determine kernel memory layout Description: A shared memory issue was addressed through improved memory handling. CVE-2016-7624 : Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative IOFireWireFamily Available for: macOS Sierra 10.12.1 Impact: A local attacker may be able to read kernel memory Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-1823: Ian Beer of Google Project Zero IOHIDFamily Available for: macOS Sierra 10.12.1 Impact: A local application with system privileges may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2016-7591: daybreaker of Minionz IOKit Available for: macOS Sierra 10.12.1 Impact: A local user may be able to determine kernel memory layout Description: A shared memory issue was addressed through improved memory handling. CVE-2016-7625: Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative IOKit Available for: macOS Sierra 10.12.1 Impact: An application may be able to read kernel memory Description: A memory corruption issue was addressed through improved input validation. CVE-2016-7657: Keen Lab working with Trend Micro's Zero Day Initiative IOSurface Available for: macOS Sierra 10.12.1 Impact: A local user may be able to determine kernel memory layout Description: A shared memory issue was addressed through improved memory handling. CVE-2016-7620: Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative Kernel Available for: macOS Sierra 10.12.1 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2016-7606: @cocoahuke, Chen Qin of Topsec Alpha Team (topsec.com) CVE-2016-7612: Ian Beer of Google Project Zero Kernel Available for: macOS Sierra 10.12.1 Impact: An application may be able to read kernel memory Description: An insufficient initialization issue was addressed by properly initializing memory returned to user space. CVE-2016-7607: Brandon Azad Kernel Available for: macOS Sierra 10.12.1 Impact: A local user may be able to cause a system denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2016-7615: The UK's National Cyber Security Centre (NCSC) Kernel Available for: macOS Sierra 10.12.1 Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: A use after free issue was addressed through improved memory management. CVE-2016-7621: Ian Beer of Google Project Zero Kernel Available for: macOS Sierra 10.12.1 Impact: A local user may be able to gain root privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-7637: Ian Beer of Google Project Zero Kernel Available for: macOS Sierra 10.12.1 Impact: A local application with system privileges may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2016-7644: Ian Beer of Google Project Zero kext tools Available for: macOS Sierra 10.12.1 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-7629: @cocoahuke libarchive Available for: macOS Sierra 10.12.1 Impact: A local attacker may be able to overwrite existing files Description: A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks. CVE-2016-7619: an anonymous researcher LibreSSL Available for: macOS Sierra 10.12.1 and OS X El Capitan v10.11.6 Impact: An attacker with a privileged network position may be able to cause a denial of service Description: A denial of service issue in unbounded OCSP growth was addressed through improved memory handling. CVE-2016-6304 OpenLDAP Available for: macOS Sierra 10.12.1 Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: RC4 was removed as a default cipher. CVE-2016-1777: Pepi Zawodsky OpenPAM Available for: macOS Sierra 10.12.1 Impact: A local unprivileged user may gain access to privileged applications Description: PAM authentication within sandboxed applications failed insecurely. This was addressed with improved error handling. CVE-2016-7600: Perette Barella of DeviousFish.com OpenSSL Available for: macOS Sierra 10.12.1 Impact: An application may be able to execute arbitrary code Description: An overflow issue existed in MDC2_Update(). This issue was addressed through improved input validation. CVE-2016-6304 Power Management Available for: macOS Sierra 10.12.1 Impact: A local user may be able to gain root privileges Description: An issue in mach port name references was addressed through improved validation. CVE-2016-7661: Ian Beer of Google Project Zero Security Available for: macOS Sierra 10.12.1 Impact: An attacker may be able to exploit weaknesses in the 3DES cryptographic algorithm Description: 3DES was removed as a default cipher. CVE-2016-4693: GaA<<tan Leurent and Karthikeyan Bhargavan from INRIA Paris Security Available for: macOS Sierra 10.12.1 Impact: An attacker in a privileged network position may be able to cause a denial of service Description: A validation issue existed in the handling of OCSP responder URLs. This issue was addressed by verifying OCSP revocation status after CA validation and limiting the number of OCSP requests per certificate. CVE-2016-7636: Maksymilian Arciemowicz (cxsecurity.com) Security Available for: macOS Sierra 10.12.1 Impact: Certificates may be unexpectedly evaluated as trusted Description: A certificate evaluation issue existed in certificate validation. This issue was addressed through additional validation of certificates. CVE-2016-7662: Apple syslog Available for: macOS Sierra 10.12.1 Impact: A local user may be able to gain root privileges Description: An issue in mach port name references was addressed through improved validation. CVE-2016-7660: Ian Beer of Google Project Zero macOS 10.12.2 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYT7LKAAoJEIOj74w0bLRGfKwQAN3nnwHgJNE+obIjTzpTHLlh mMQYstsO8Mcj4hjIgTCHuQr1tDldva0IZEivoYAbyXAgM9xKlIbpqBQ5TE94l3nl xTTeVqtozCCdRT36mphvwhPEp38lvclUU1IGxyvP6ieK0dHUKS8LhL9MpnaOinrX UhSiXkMs9tTZI5SgkumzBmg10oOwDnMvZDrwTcxe9vjU26V9S7+VpfsguefwDSLE fHYX4KksoEUZuDdUBrfX2+03QbqYxBjQR9IRdpcX56laq1TGUMTKwkTi9DxJlByP SJl3uvVhqWf1UkYH6x5N/gC9lXq5QO6L7W3W2rRqTtgr2UMPZsBuf0srK/lFmPvC c63thvcZyPk0cDcE7k0ZmlJx+7ihFIiPKdGwLoX5Rl6Zr29Wh9aGKhzUUYO12PUh +x18HRwXxvSv9TXAUYQu5hD48SuhUiMEBO8Qq7Z8XPFEUSJXY2AjGjai9mJYNfC4 OELKPPvYnNSd3m8YGvWY8gWgwyRP0es6U3d5rGatEpA1qcIFmUrHFhpvveL6SRSY xPQgjB/aohg/fDf3jDO1kjR7+v83B+ObbCr8MOgqGNtG3GqOimMOa8XuSMbV7+3u 0kivBY8fxYdBy0pXDdBgv+AHaTue+wgP5tQXFiAxm61Fv+uz/yvR22uaJ39P5cJf msyz+/zQNISkly6K0VBO =0QW0 -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2016-7596 // JVNDB: JVNDB-2016-007386 // BID: 94903 // VULHUB: VHN-96416 // PACKETSTORM: 140151

IOT TAXONOMY

category:

['network device']

sub_category:

bluetooth device

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.1	Trust: 1.4
vendor:	apple	model:	mac os x	scope:	lte	version:	10.12.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.10.5	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.6	Trust: 0.8
vendor:	apple	model:	macos	scope:	eq	version:	10.12.1	Trust: 0.3
vendor:	apple	model:	macos	scope:	ne	version:	10.12.2	Trust: 0.3

sources: BID: 94903 // JVNDB: JVNDB-2016-007386 // CNNVD: CNNVD-201612-488 // NVD: CVE-2016-7596

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-7596
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-7596
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201612-488
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-96416
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-7596
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-96416
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-7596
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-96416 // JVNDB: JVNDB-2016-007386 // CNNVD: CNNVD-201612-488 // NVD: CVE-2016-7596

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-96416 // JVNDB: JVNDB-2016-007386 // NVD: CVE-2016-7596

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-488

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201612-488

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007386

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2016-12-13-1 macOS 10.12.2	url:	https://lists.apple.com/archives/security-announce/2016/Dec/msg00003.html	Trust: 0.8
title:	HT207423	url:	https://support.apple.com/en-us/HT207423	Trust: 0.8
title:	HT207423	url:	https://support.apple.com/ja-jp/HT207423	Trust: 0.8
title:	Apple macOS Sierra Bluetooth Fixes for component security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66522	Trust: 0.6

sources: JVNDB: JVNDB-2016-007386 // CNNVD: CNNVD-201612-488

EXTERNAL IDS

db:	NVD	id:	CVE-2016-7596	Trust: 3.0
db:	BID	id:	94903	Trust: 2.0
db:	SECTRACK	id:	1037469	Trust: 1.1
db:	JVN	id:	JVNVU97133642	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-007386	Trust: 0.8
db:	CNNVD	id:	CNNVD-201612-488	Trust: 0.7
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULHUB	id:	VHN-96416	Trust: 0.1
db:	PACKETSTORM	id:	140151	Trust: 0.1

sources: OTHER: None // VULHUB: VHN-96416 // BID: 94903 // JVNDB: JVNDB-2016-007386 // PACKETSTORM: 140151 // CNNVD: CNNVD-201612-488 // NVD: CVE-2016-7596

REFERENCES

url:	http://www.securityfocus.com/bid/94903	Trust: 1.7
url:	https://support.apple.com/ht207423	Trust: 1.7
url:	http://www.securitytracker.com/id/1037469	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7596	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu97133642/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7596	Trust: 0.8
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7413	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1823	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://gpgtools.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7602	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7414	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7588	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7416	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5419	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4691	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7141	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4693	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5420	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4688	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-6303	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7596	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7603	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5421	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7411	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1777	Trust: 0.1
url:	https://www.apple.com/support/downloads/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-6304	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7594	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7595	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7418	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7412	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7167	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7604	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7600	Trust: 0.1

sources: OTHER: None // VULHUB: VHN-96416 // BID: 94903 // JVNDB: JVNDB-2016-007386 // PACKETSTORM: 140151 // CNNVD: CNNVD-201612-488 // NVD: CVE-2016-7596

CREDITS

daybreaker@Minionz working with Trend Micro's Zero Day Initiative, an anonymous researcher, Pekka Oikarainen, Matias Karhumaa and Marko Laakso of Synopsys Software Integrity Group, daybreaker of Minionz, Radu Motspan working with Trend Micro's Zero Day In

Trust: 0.6

sources: CNNVD: CNNVD-201612-488

SOURCES

db:	OTHER	id:	-
db:	VULHUB	id:	VHN-96416
db:	BID	id:	94903
db:	JVNDB	id:	JVNDB-2016-007386
db:	PACKETSTORM	id:	140151
db:	CNNVD	id:	CNNVD-201612-488
db:	NVD	id:	CVE-2016-7596

LAST UPDATE DATE

2025-04-20T21:45:28.508000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-96416	date:	2017-07-27T00:00:00
db:	BID	id:	94903	date:	2016-12-20T00:09:00
db:	JVNDB	id:	JVNDB-2016-007386	date:	2017-02-28T00:00:00
db:	CNNVD	id:	CNNVD-201612-488	date:	2017-02-28T00:00:00
db:	NVD	id:	CVE-2016-7596	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-96416	date:	2017-02-20T00:00:00
db:	BID	id:	94903	date:	2016-12-13T00:00:00
db:	JVNDB	id:	JVNDB-2016-007386	date:	2017-02-28T00:00:00
db:	PACKETSTORM	id:	140151	date:	2016-12-14T12:12:12
db:	CNNVD	id:	CNNVD-201612-488	date:	2016-12-15T00:00:00
db:	NVD	id:	CVE-2016-7596	date:	2017-02-20T08:59:02.010