Sign-up

ID

VAR-201702-0326


CVE

CVE-2016-4665


TITLE

plural Apple Product Sandbox Profile Component Vulnerability to Read Audio Recording Directory Metadata

Trust: 0.8

sources: JVNDB: JVNDB-2016-007435

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Sandbox Profiles" component, which allows attackers to read audio-recording metadata via a crafted app. Apple iOS, WatchOS and tvOS are prone to multiple information-disclosure vulnerabilities. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. in the United States. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; watchOS is a smart watch operating system. Sandbox Profiles is one of the Sandbox (Sandbox) components. An information disclosure vulnerability exists in the Sandbox Profiles component of several Apple products. The following products and versions are affected: Apple iOS prior to 10.1, tvOS prior to 10.0.1, watchOS prior to 3.1. CVE-2016-4669: Ian Beer of Google Project Zero Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-10-24-1 iOS 10.1 iOS 10.1 is now available and addresses the following: CFNetwork Proxies Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: A phishing issue existed in the handling of proxy credentials. This issue was addressed by removing unsolicited proxy password authentication prompts. CVE-2016-7579: Jerry Decime Contacts Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to maintain access to the Address Book after access is revoked in Settings Description: An access control issue in the Address Book was addressed through improved file-link validation. CVE-2016-4686: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) CoreGraphics Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent FaceTime Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635: Martin Vigo (@martin_vigo) of salesforce.com FontParser Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Parsing a maliciously crafted font may disclose sensitive user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4660: Ke Liu of Tencent's Xuanwu Lab Kernel Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to disclose kernel memory Description: A validation issue was addressed through improved input sanitization. CVE-2016-4680: Max Bazaliy of Lookout and in7egral libarchive Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A malicious archive may be able to overwrite arbitrary files Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization. CVE-2016-4679: Omer Medan of enSilo Ltd libxpc Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to execute arbitrary code with root privileges Description: A logic issue was addressed through additional restrictions. CVE-2016-4675: Ian Beer of Google Project Zero Sandbox Profiles Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to retrieve metadata of photo directories Description: An access issue was addressed through additional sandbox restrictions on third party applications. CVE-2016-4664: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) Sandbox Profiles Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to retrieve metadata of audio recording directories Description: An access issue was addressed through additional sandbox restrictions on third party applications. CVE-2016-4665: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) System Boot Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation. CVE-2016-4669: Ian Beer of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4677: An anonymous researcher working with Trend Micro's Zero Day Initiative Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.1". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYDlqUAAoJEIOj74w0bLRGj64P/1A9yH47yTZLjBHdmy+eoz/d 5AZSnF/cyDeyeTb+Z8ELzVJMsucpJy7Xyv32IxvgSji8IplKkinw66j7mErs1/YY q/IQCD8NM6IOZVcgiL/aUDFWtxmAUHwRftAk36RTaglMoeWx23I36NFN7xbhWUL5 EyMXoQzNUHQ38bReQqpXEEwydMin1iFPed0207714PnmfvM7o5LGRBRjjJ1gOQLq HSNKfay/L1hSFZFkwkjqgvbelRzhvDr4eqEFriBf39u8a8uLAG92fuV9QMoF7p7q paXwZk4fWMlHi8Xr3fg2gaW0MjSMrz6oJwOpZRdPKwLl2IW7fMuk+oIBPcRVl8m/ yxZxZlq4DpCjnp0mfNRx9YuVWwCKNjqtzYj1hirhL654jkTW+1cO1rvewVFOPPIs MEYoSecYN09g7aBer0tPE4GcekMW0cEV4rzQI/0Jy+lIfdFwSjmz1GdZnpPMIwZl RmI/Eda0O9OkwNbqU+E+6DdCL2r/cCflj3QwNxEDtYNgCPuz7tlwVBqqkewVVYH2 AqQtNQZEXeRDS04ncQgrhoXnTfcnM1TRaOzuy58/sJfk707TV9NZiahMiEbqUxhe fahnRE4YUFpvwJZFegNKztUrdeNe56YAhBTksDNA49rpY4TgN8x5G2byt5txr7xV m7KJFe1t8NabLisqOrHI =vxwr -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2016-4665 // JVNDB: JVNDB-2016-007435 // BID: 93854 // VULHUB: VHN-93484 // PACKETSTORM: 139324 // PACKETSTORM: 139319 // PACKETSTORM: 139323

AFFECTED PRODUCTS

vendor:applemodel:watchosscope:lteversion:2.2.2

Trust: 1.0

vendor:applemodel:iphone osscope:lteversion:10.0.3

Trust: 1.0

vendor:applemodel:tvosscope:lteversion:10.0

Trust: 1.0

vendor:applemodel:watchosscope:eqversion:2.2.2

Trust: 0.9

vendor:applemodel:iosscope:ltversion:10.1 (ipad first 4 after generation )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10.1 (iphone 5 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10.1 (ipod touch first 6 after generation )

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:10.0.1 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:3.1 (apple watch all models )

Trust: 0.8

vendor:applemodel:tvscope:eqversion:10.0.0

Trust: 0.6

vendor:applemodel:watch osscope:eqversion:3.0.0

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:10.0.3

Trust: 0.6

vendor:applemodel:watchosscope:eqversion:2.2.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:3

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.2

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2.2

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:10

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:50

Trust: 0.3

vendor:applemodel:iosscope:eqversion:40

Trust: 0.3

vendor:applemodel:iosscope:eqversion:30

Trust: 0.3

vendor:applemodel:iosscope:eqversion:10.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:10

Trust: 0.3

vendor:applemodel:watchosscope:neversion:3.1

Trust: 0.3

vendor:applemodel:tvosscope:neversion:10.0.1

Trust: 0.3

vendor:applemodel:iosscope:neversion:10.1

Trust: 0.3

sources: BID: 93854 // JVNDB: JVNDB-2016-007435 // CNNVD: CNNVD-201610-733 // NVD: CVE-2016-4665

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4665
value: LOW

Trust: 1.0

NVD: CVE-2016-4665
value: LOW

Trust: 0.8

CNNVD: CNNVD-201610-733
value: LOW

Trust: 0.6

VULHUB: VHN-93484
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-4665
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93484
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4665
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93484 // JVNDB: JVNDB-2016-007435 // CNNVD: CNNVD-201610-733 // NVD: CVE-2016-4665

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-93484 // JVNDB: JVNDB-2016-007435 // NVD: CVE-2016-4665

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201610-733

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201610-733

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-007435

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2016-10-24-4 tvOS 10.0.1url:https://lists.apple.com/archives/security-announce/2016/Oct/msg00003.html
Trust: 0.8
title:APPLE-SA-2016-10-24-1 iOS 10.1url:https://lists.apple.com/archives/security-announce/2016/Oct/msg00000.html
Trust: 0.8
title:APPLE-SA-2016-10-24-5 watchOS 3.1url:https://lists.apple.com/archives/security-announce/2016/Oct/msg00004.html
Trust: 0.8
title:HT207269url:https://support.apple.com/en-us/HT207269
Trust: 0.8
title:HT207270url:https://support.apple.com/en-us/HT207270
Trust: 0.8
title:HT207271url:https://support.apple.com/en-us/HT207271
Trust: 0.8
title:HT207269url:https://support.apple.com/ja-jp/HT207269
Trust: 0.8
title:HT207270url:https://support.apple.com/ja-jp/HT207270
Trust: 0.8
title:HT207271url:https://support.apple.com/ja-jp/HT207271
Trust: 0.8
title:Multiple Apple product Sandbox Profiles Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65095
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-007435 // 
            
            
            
            CNNVD: CNNVD-201610-733

EXTERNAL IDS
db:NVDid:CVE-2016-4665
Trust: 3.1
db:BIDid:93854
Trust: 2.0
db:SECTRACKid:1037088
Trust: 1.7
db:JVNid:JVNVU90743185
Trust: 0.8
db:JVNDBid:JVNDB-2016-007435
Trust: 0.8
db:CNNVDid:CNNVD-201610-733
Trust: 0.7
db:VULHUBid:VHN-93484
Trust: 0.1
db:PACKETSTORMid:139324
Trust: 0.1
db:PACKETSTORMid:139319
Trust: 0.1
db:PACKETSTORMid:139323
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93484 // 
            
            
            
            BID: 93854 // 
            
            
            
            JVNDB: JVNDB-2016-007435 // 
            
            
            
            PACKETSTORM: 139324 // 
            
            
            
            PACKETSTORM: 139319 // 
            
            
            
            PACKETSTORM: 139323 // 
            
            
            
            CNNVD: CNNVD-201610-733 // 
            
            
            
            NVD: CVE-2016-4665

REFERENCES
url:http://www.securityfocus.com/bid/93854
Trust: 1.7
url:https://support.apple.com/ht207269
Trust: 1.7
url:https://support.apple.com/ht207270
Trust: 1.7
url:https://support.apple.com/ht207271
Trust: 1.7
url:http://www.securitytracker.com/id/1037088
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4665
Trust: 0.8
url:http://jvn.jp/vu/jvnvu90743185/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4665
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:http://www.apple.com/ios/
Trust: 0.3
url:http://www.apple.com/accessibility/tvos/
Trust: 0.3
url:http://www.apple.com/watchos-2/
Trust: 0.3
url:https://support.apple.com/en-ie/ht207271
Trust: 0.3
url:https://support.apple.com/en-ie/ht207270
Trust: 0.3
url:https://support.apple.com/en-ie/ht207269
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4664
Trust: 0.3
url:https://support.apple.com/kb/ht201222
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4665
Trust: 0.3
url:https://www.apple.com/support/security/pgp/
Trust: 0.3
url:https://gpgtools.org
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4679
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4669
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4675
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4660
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4680
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4673
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2016-4677
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-7579
Trust: 0.2
url:https://support.apple.com/kb/ht204641
Trust: 0.1
url:https://www.apple.com/itunes/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4686
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4635
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93484 // 
            
            
            
            BID: 93854 // 
            
            
            
            JVNDB: JVNDB-2016-007435 // 
            
            
            
            PACKETSTORM: 139324 // 
            
            
            
            PACKETSTORM: 139319 // 
            
            
            
            PACKETSTORM: 139323 // 
            
            
            
            CNNVD: CNNVD-201610-733 // 
            
            
            
            NVD: CVE-2016-4665

CREDITS
Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, Ahmad-Reza Sadeghi (TU Darmstadt), William Enck (North Carolina State University); Lucas Vincenzo Davi,Max Bazaliy of Lookout and in7egral
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201610-733

SOURCES
db:VULHUBid:VHN-93484
db:BIDid:93854
db:JVNDBid:JVNDB-2016-007435
db:PACKETSTORMid:139324
db:PACKETSTORMid:139319
db:PACKETSTORMid:139323
db:CNNVDid:CNNVD-201610-733
db:NVDid:CVE-2016-4665

LAST UPDATE DATE
2025-04-20T22:06:40.304000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-93484date:2019-03-08T00:00:00
db:BIDid:93854date:2016-10-26T00:18:00
db:JVNDBid:JVNDB-2016-007435date:2017-03-01T00:00:00
db:CNNVDid:CNNVD-201610-733date:2019-03-13T00:00:00
db:NVDid:CVE-2016-4665date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:VULHUBid:VHN-93484date:2017-02-20T00:00:00
db:BIDid:93854date:2016-10-24T00:00:00
db:JVNDBid:JVNDB-2016-007435date:2017-03-01T00:00:00
db:PACKETSTORMid:139324date:2016-10-24T23:34:22
db:PACKETSTORMid:139319date:2016-10-24T21:43:56
db:PACKETSTORMid:139323date:2016-10-24T23:01:11
db:CNNVDid:CNNVD-201610-733date:2016-10-25T00:00:00
db:NVDid:CVE-2016-4665date:2017-02-20T08:59:00.417