Details of VAR-201702-0460

ID

VAR-201702-0460

CVE

CVE-2016-7579

TITLE

plural Apple Product CFNetwork Proxies Component forged proxy password authentication request vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-007478

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "CFNetwork Proxies" component, which allows man-in-the-middle attackers to spoof a proxy password authentication requirement and obtain sensitive information. Apple iOS, tvOS and macOS are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Versions prior to iOS 10.1, tvOS 10.0.1 and macOS 10.12.1 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; macOS is a dedicated operating system developed for Mac computers. CFNetwork Proxies is one of the components used to handle proxy connection response issues. An information disclosure vulnerability exists in the CFNetwork Proxies component of several Apple products. CVE-2016-4662: Apple AppleSMC Available for: macOS Sierra 10.12 Impact: A local user may be able to elevate privileges Description: A null pointer dereference was addressed through improved locking. CVE-2016-4671: Ke Liu of Tencent's Xuanwu Lab, Juwei Lin (@fuzzerDOTcn) ImageIO Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6 Impact: Processing a maliciously crafted image may result in the disclosure of process memory Description: An out-of-bounds read issue existed in the SGI image parsing. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-10-24-1 iOS 10.1 iOS 10.1 is now available and addresses the following: CFNetwork Proxies Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: A phishing issue existed in the handling of proxy credentials. CVE-2016-7579: Jerry Decime Contacts Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to maintain access to the Address Book after access is revoked in Settings Description: An access control issue in the Address Book was addressed through improved file-link validation. CVE-2016-4686: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) CoreGraphics Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent FaceTime Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635: Martin Vigo (@martin_vigo) of salesforce.com FontParser Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Parsing a maliciously crafted font may disclose sensitive user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4660: Ke Liu of Tencent's Xuanwu Lab Kernel Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to disclose kernel memory Description: A validation issue was addressed through improved input sanitization. CVE-2016-4680: Max Bazaliy of Lookout and in7egral libarchive Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A malicious archive may be able to overwrite arbitrary files Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization. CVE-2016-4679: Omer Medan of enSilo Ltd libxpc Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to execute arbitrary code with root privileges Description: A logic issue was addressed through additional restrictions. CVE-2016-4675: Ian Beer of Google Project Zero Sandbox Profiles Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to retrieve metadata of photo directories Description: An access issue was addressed through additional sandbox restrictions on third party applications. CVE-2016-4664: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) Sandbox Profiles Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to retrieve metadata of audio recording directories Description: An access issue was addressed through additional sandbox restrictions on third party applications. CVE-2016-4665: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt) System Boot Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation. CVE-2016-4669: Ian Beer of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4677: An anonymous researcher working with Trend Micro's Zero Day Initiative Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.1". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYDlqUAAoJEIOj74w0bLRGj64P/1A9yH47yTZLjBHdmy+eoz/d 5AZSnF/cyDeyeTb+Z8ELzVJMsucpJy7Xyv32IxvgSji8IplKkinw66j7mErs1/YY q/IQCD8NM6IOZVcgiL/aUDFWtxmAUHwRftAk36RTaglMoeWx23I36NFN7xbhWUL5 EyMXoQzNUHQ38bReQqpXEEwydMin1iFPed0207714PnmfvM7o5LGRBRjjJ1gOQLq HSNKfay/L1hSFZFkwkjqgvbelRzhvDr4eqEFriBf39u8a8uLAG92fuV9QMoF7p7q paXwZk4fWMlHi8Xr3fg2gaW0MjSMrz6oJwOpZRdPKwLl2IW7fMuk+oIBPcRVl8m/ yxZxZlq4DpCjnp0mfNRx9YuVWwCKNjqtzYj1hirhL654jkTW+1cO1rvewVFOPPIs MEYoSecYN09g7aBer0tPE4GcekMW0cEV4rzQI/0Jy+lIfdFwSjmz1GdZnpPMIwZl RmI/Eda0O9OkwNbqU+E+6DdCL2r/cCflj3QwNxEDtYNgCPuz7tlwVBqqkewVVYH2 AqQtNQZEXeRDS04ncQgrhoXnTfcnM1TRaOzuy58/sJfk707TV9NZiahMiEbqUxhe fahnRE4YUFpvwJZFegNKztUrdeNe56YAhBTksDNA49rpY4TgN8x5G2byt5txr7xV m7KJFe1t8NabLisqOrHI =vxwr -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2016-7579 // JVNDB: JVNDB-2016-007478 // BID: 93856 // VULHUB: VHN-96399 // PACKETSTORM: 139320 // PACKETSTORM: 139319 // PACKETSTORM: 139323

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	lt	version:	10.1	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	10.0.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.12.1	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.1 (ipad first 4 after generation )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.1 (iphone 5 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.1 (ipod touch first 6 after generation )	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	10.0.1 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	tv	scope:	eq	version:	10.0.0	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	10.0.3	Trust: 0.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.0	Trust: 0.6
vendor:	apple	model:	tvos	scope:	eq	version:	9.2.2	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.1.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	tvos	scope:	ne	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	macos	scope:	ne	version:	10.12.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	10.1	Trust: 0.3

sources: BID: 93856 // JVNDB: JVNDB-2016-007478 // CNNVD: CNNVD-201610-730 // NVD: CVE-2016-7579

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-7579
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-7579
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201610-730
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-96399
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-7579
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-96399
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-7579
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-96399 // JVNDB: JVNDB-2016-007478 // CNNVD: CNNVD-201610-730 // NVD: CVE-2016-7579

PROBLEMTYPE DATA

problemtype:	CWE-200	Trust: 1.1
problemtype:	CWE-254	Trust: 0.9

sources: VULHUB: VHN-96399 // JVNDB: JVNDB-2016-007478 // NVD: CVE-2016-7579

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-730

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201610-730

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007478

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2016-10-24-1 iOS 10.1	url:	https://lists.apple.com/archives/security-announce/2016/Oct/msg00000.html	Trust: 0.8
title:	APPLE-SA-2016-10-24-2 macOS Sierra 10.12.1	url:	https://lists.apple.com/archives/security-announce/2016/Oct/msg00001.html	Trust: 0.8
title:	APPLE-SA-2016-10-24-4 tvOS 10.0.1	url:	https://lists.apple.com/archives/security-announce/2016/Oct/msg00003.html	Trust: 0.8
title:	HT207271	url:	https://support.apple.com/en-us/HT207271	Trust: 0.8
title:	HT207270	url:	https://support.apple.com/en-us/HT207270	Trust: 0.8
title:	HT207275	url:	https://support.apple.com/en-us/HT207275	Trust: 0.8
title:	HT207275	url:	https://support.apple.com/ja-jp/HT207275	Trust: 0.8
title:	HT207271	url:	https://support.apple.com/ja-jp/HT207271	Trust: 0.8
title:	HT207270	url:	https://support.apple.com/ja-jp/HT207270	Trust: 0.8
title:	Multiple Apple product CFNetwork Proxies Repair measures for information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65092	Trust: 0.6

sources: JVNDB: JVNDB-2016-007478 // CNNVD: CNNVD-201610-730

EXTERNAL IDS

db:	NVD	id:	CVE-2016-7579	Trust: 3.1
db:	BID	id:	93856	Trust: 2.0
db:	SECTRACK	id:	1037086	Trust: 1.7
db:	JVN	id:	JVNVU90743185	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-007478	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-730	Trust: 0.7
db:	VULHUB	id:	VHN-96399	Trust: 0.1
db:	PACKETSTORM	id:	139320	Trust: 0.1
db:	PACKETSTORM	id:	139319	Trust: 0.1
db:	PACKETSTORM	id:	139323	Trust: 0.1

sources: VULHUB: VHN-96399 // BID: 93856 // JVNDB: JVNDB-2016-007478 // PACKETSTORM: 139320 // PACKETSTORM: 139319 // PACKETSTORM: 139323 // CNNVD: CNNVD-201610-730 // NVD: CVE-2016-7579

REFERENCES

url:	http://www.securityfocus.com/bid/93856	Trust: 1.7
url:	https://support.apple.com/ht207270	Trust: 1.7
url:	https://support.apple.com/ht207271	Trust: 1.7
url:	https://support.apple.com/ht207275	Trust: 1.7
url:	http://www.securitytracker.com/id/1037086	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7579	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu90743185/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7579	Trust: 0.8
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3
url:	http://www.apple.com/accessibility/tvos/	Trust: 0.3
url:	https://support.apple.com/en-ie/ht207271	Trust: 0.3
url:	https://support.apple.com/en-ie/ht207275	Trust: 0.3
url:	https://support.apple.com/en-ie/ht207270	Trust: 0.3
url:	https://support.apple.com/kb/ht201222	Trust: 0.3
url:	https://gpgtools.org	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4675	Trust: 0.3
url:	https://www.apple.com/support/security/pgp/	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4669	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4660	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4679	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7579	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4673	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4635	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4664	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4677	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4665	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4680	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4682	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4661	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4678	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4667	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4662	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4674	Trust: 0.1
url:	https://www.apple.com/support/downloads/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4671	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4663	Trust: 0.1
url:	https://www.apple.com/itunes/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4686	Trust: 0.1

CREDITS

Jerry Decime.

Trust: 0.9

sources: BID: 93856 // CNNVD: CNNVD-201610-730

SOURCES

db:	VULHUB	id:	VHN-96399
db:	BID	id:	93856
db:	JVNDB	id:	JVNDB-2016-007478
db:	PACKETSTORM	id:	139320
db:	PACKETSTORM	id:	139319
db:	PACKETSTORM	id:	139323
db:	CNNVD	id:	CNNVD-201610-730
db:	NVD	id:	CVE-2016-7579

LAST UPDATE DATE

2025-04-20T21:22:01.874000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-96399	date:	2019-03-25T00:00:00
db:	BID	id:	93856	date:	2016-10-26T00:18:00
db:	JVNDB	id:	JVNDB-2016-007478	date:	2017-03-01T00:00:00
db:	CNNVD	id:	CNNVD-201610-730	date:	2019-03-26T00:00:00
db:	NVD	id:	CVE-2016-7579	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-96399	date:	2017-02-20T00:00:00
db:	BID	id:	93856	date:	2016-10-24T00:00:00
db:	JVNDB	id:	JVNDB-2016-007478	date:	2017-03-01T00:00:00
db:	PACKETSTORM	id:	139320	date:	2016-10-24T21:46:59
db:	PACKETSTORM	id:	139319	date:	2016-10-24T21:43:56
db:	PACKETSTORM	id:	139323	date:	2016-10-24T23:01:11
db:	CNNVD	id:	CNNVD-201610-730	date:	2016-10-25T00:00:00
db:	NVD	id:	CVE-2016-7579	date:	2017-02-20T08:59:01.477