ID

VAR-201702-0263


CVE

CVE-2016-7666


TITLE

Apple Transporter: vulnerability in the iTMSTransporter component that allows sensitive information to be obtained

Trust: 0.8

sources: JVNDB: JVNDB-2016-007427

DESCRIPTION

An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the "iTMSTransporter" component, which allows attackers to obtain sensitive information via a crafted EPUB.

Apple Transporter is prone to an information-disclosure vulnerability. This may lead to further attacks. Versions prior to Apple Transporter 1.9.2 are vulnerable.

Apple Transporter is a set of Java-based command-line tools from Apple for verifying metadata. iTMSTransporter is one of the components installed and run as part of Transporter.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-8 Transporter 1.9.2

Transporter 1.9.2 is now available and addresses the following:

iTMSTransporter
Available for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit), Windows 7 and later (32 bit), and Red Hat Enterprise Linux (64 bit)
Impact: Parsing maliciously crafted EPUB may lead to disclosure of user information
Description: An information disclosure issue existed in the parsing of EPUB. This issue was addressed through improved parsing.
CVE-2016-7666: Craig Arendt of Stratum Security

Transporter 1.9.2 may be obtained from: https://itunesconnect.apple.com/

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJYUD1/AAoJEIOj74w0bLRGYFYQANGsJJk34XxNyanUy0p/YDf7
bL62s4gxuNVwSlD2G054/OvsQjlXFlMlgsWDbVuj5uUffoFYdEhdL6j5t7t996V2
ledTUy84Qv5vHXuJcbuVbRhaPBGyl24Nwz5B4W7QWhARVeF4BaMNyztXdgfv6Y9N
/8HzDvP4AoENuNcGdXsLq7CeWPPhUtFyHHJLVXTJXYJHG/ayTb8yLW3quhlK5DrQ
E0V5uiwX5AK0MPUfGnwZRhMoOvUc7GdGFrQdpxTtd7pMjms74QICr25X//fD7kAL
e6shvDmliCtCxGPMPb3/nGAcwZ0TVRSpJHxmcFdROWpzK3BcOWj0wIJgDtEs9OkY
/YwoA3iWM6BUalfAz/kw1jMzm9nc35Y+U/gmt5vS81mPecZ6mMBbjsYsJylW4cEh
CxAMiIRThZBlvkn7ZyV3riDUIgO2O149NytgWXLXI31VVlUlM5v2ScQywGSVtskG
LDwqhb+o7q+UdYEXZlWs2sf1oYZ2wBZh+ZWqlNx3y7TZgUaoLkL38SbRSyDVdZoE
WU94s5sqCRGW40WJoZ/QFkcfO/C9m/6Da5Z4DC1B3R4P4aNh4m2HPowZZE+VZfOl
08Mw7MJqfIjk5Xo8U9BoGNnxbB64htrBHuUw46jLHC9dgij/J6pF7DLOMTwC6fYQ
OqI2SnPh/q9HHs1FZuFE
=6p61
-----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2016-7666 // JVNDB: JVNDB-2016-007427 // BID: 94912 // VULHUB: VHN-96486 // PACKETSTORM: 140158

AFFECTED PRODUCTS

vendor: apple
model: transporter
scope: lte
version: 1.9.1

Trust: 1.0

vendor: apple
model: transporter
scope: lt
version: 1.9.2 (itunes producer 3.1.1)

Trust: 0.8

vendor: apple
model: transporter
scope: lt
version: 1.9.2 (os x v10.6 or later (64 bit))

Trust: 0.8

vendor: apple
model: transporter
scope: lt
version: 1.9.2 (red hat enterprise linux (64 bit))

Trust: 0.8

vendor: apple
model: transporter
scope: lt
version: 1.9.2 (windows 7 or later (32 bit))

Trust: 0.8

vendor: apple
model: transporter
scope: eq
version: 1.9.1

Trust: 0.6

vendor: apple
model: transporter
scope: eq
version: 0

Trust: 0.3

vendor: apple
model: transporter
scope: ne
version: 1.9.2

Trust: 0.3

sources: BID: 94912 // JVNDB: JVNDB-2016-007427 // CNNVD: CNNVD-201612-435 // NVD: CVE-2016-7666

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7666
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7666
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201612-435
value: MEDIUM

Trust: 0.6

VULHUB: VHN-96486
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-7666
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-96486
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7666
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-96486 // JVNDB: JVNDB-2016-007427 // CNNVD: CNNVD-201612-435 // NVD: CVE-2016-7666

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-96486 // JVNDB: JVNDB-2016-007427 // NVD: CVE-2016-7666

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-435

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201612-435

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007427

PATCH

title: Apple security updates
url: https://support.apple.com/en-us/HT201222

Trust: 0.8

title: APPLE-SA-2016-12-13-8 Transporter 1.9.2
url: https://lists.apple.com/archives/security-announce/2016/Dec/msg00010.html

Trust: 0.8

title: HT207432
url: https://support.apple.com/en-us/HT207432

Trust: 0.8

title: HT207432
url: https://support.apple.com/ja-jp/HT207432

Trust: 0.8

title: Apple Transporter repair measures for information disclosure vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66469

Trust: 0.6

sources: JVNDB: JVNDB-2016-007427 // CNNVD: CNNVD-201612-435

EXTERNAL IDS

db: NVD
id: CVE-2016-7666

Trust: 2.9

db: BID
id: 94912

Trust: 2.0

db: JVNDB
id: JVNDB-2016-007427

Trust: 0.8

db: CNNVD
id: CNNVD-201612-435

Trust: 0.7

db: PACKETSTORM
id: 140158

Trust: 0.2

db: VULHUB
id: VHN-96486

Trust: 0.1

sources: VULHUB: VHN-96486 // BID: 94912 // JVNDB: JVNDB-2016-007427 // PACKETSTORM: 140158 // CNNVD: CNNVD-201612-435 // NVD: CVE-2016-7666

REFERENCES

url:http://www.securityfocus.com/bid/94912

Trust: 1.7

url:https://support.apple.com/ht207432

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7666

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7666

Trust: 0.8

url:https://www.apple.com/

Trust: 0.3

url:https://support.apple.com/en-us/ht201222

Trust: 0.3

url:https://itunesconnect.apple.com/

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7666

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://gpgtools.org

Trust: 0.1

sources: VULHUB: VHN-96486 // BID: 94912 // JVNDB: JVNDB-2016-007427 // PACKETSTORM: 140158 // CNNVD: CNNVD-201612-435 // NVD: CVE-2016-7666

CREDITS

Craig Arendt of Stratum Security.

Trust: 0.9

sources: BID: 94912 // CNNVD: CNNVD-201612-435

SOURCES

db: VULHUB  id: VHN-96486
db: BID  id: 94912
db: JVNDB  id: JVNDB-2016-007427
db: PACKETSTORM  id: 140158
db: CNNVD  id: CNNVD-201612-435
db: NVD  id: CVE-2016-7666

LAST UPDATE DATE

2025-04-20T23:23:53.070000+00:00


SOURCES UPDATE DATE

db: VULHUB  id: VHN-96486  date: 2017-02-22T00:00:00
db: BID  id: 94912  date: 2016-12-20T01:09:00
db: JVNDB  id: JVNDB-2016-007427  date: 2017-03-01T00:00:00
db: CNNVD  id: CNNVD-201612-435  date: 2017-03-01T00:00:00
db: NVD  id: CVE-2016-7666  date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: VULHUB  id: VHN-96486  date: 2017-02-20T00:00:00
db: BID  id: 94912  date: 2016-12-13T00:00:00
db: JVNDB  id: JVNDB-2016-007427  date: 2017-03-01T00:00:00
db: PACKETSTORM  id: 140158  date: 2016-12-14T17:32:22
db: CNNVD  id: CNNVD-201612-435  date: 2016-12-16T00:00:00
db: NVD  id: CVE-2016-7666  date: 2017-02-20T08:59:04.370