Details of VAR-201702-0463

ID

VAR-201702-0463

CVE

CVE-2016-7582

TITLE

Apple OS X of Intel Graphics Driver Vulnerable to arbitrary code execution in a privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2016-007475

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the IntelHD5000 kext. The issue lies in the failure to properly validate the existence of an object prior to performing operations on it. An attacker can leverage this vulnerability to escalate privileges under the context of the kernel. Apple macOS is prone to an arbitrary code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. Versions prior to macOS 10.12 are vulnerable. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers

Trust: 2.61

sources: NVD: CVE-2016-7582 // JVNDB: JVNDB-2016-007475 // ZDI: ZDI-16-641 // BID: 94435 // VULHUB: VHN-96402

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.7.5 or later 10.12	Trust: 0.8
vendor:	apple	model:	os x	scope:	-	version:	-	Trust: 0.7
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.6	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7	Trust: 0.3
vendor:	cosmicperl	model:	directory pro	scope:	eq	version:	10.0.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	macos	scope:	ne	version:	10.12	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.11	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.5	Trust: 0.3

sources: ZDI: ZDI-16-641 // BID: 94435 // JVNDB: JVNDB-2016-007475 // CNNVD: CNNVD-201611-484 // NVD: CVE-2016-7582

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-7582
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-7582
value:	HIGH
Trust: 0.8
ZDI:	CVE-2016-7582
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201611-484
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-96402
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-7582
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2016-7582
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
VULHUB:	VHN-96402
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-7582
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: ZDI: ZDI-16-641 // VULHUB: VHN-96402 // JVNDB: JVNDB-2016-007475 // CNNVD: CNNVD-201611-484 // NVD: CVE-2016-7582

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-96402 // JVNDB: JVNDB-2016-007475 // NVD: CVE-2016-7582

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-484

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201611-484

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007475

PATCH

title:	HT207170	url:	https://support.apple.com/en-us/HT207170	Trust: 1.5
title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2016-09-20 macOS Sierra 10.12	url:	http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html	Trust: 0.8
title:	HT207170	url:	https://support.apple.com/ja-jp/HT207170	Trust: 0.8
title:	Apple macOS Sierra Intel Graphics Driver Remediation measures for reusing vulnerabilities after release	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65821	Trust: 0.6

sources: ZDI: ZDI-16-641 // JVNDB: JVNDB-2016-007475 // CNNVD: CNNVD-201611-484

EXTERNAL IDS

db:	NVD	id:	CVE-2016-7582	Trust: 3.5
db:	BID	id:	94435	Trust: 2.0
db:	JVN	id:	JVNVU90950877	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-007475	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3823	Trust: 0.7
db:	ZDI	id:	ZDI-16-641	Trust: 0.7
db:	CNNVD	id:	CNNVD-201611-484	Trust: 0.7
db:	VULHUB	id:	VHN-96402	Trust: 0.1

sources: ZDI: ZDI-16-641 // VULHUB: VHN-96402 // BID: 94435 // JVNDB: JVNDB-2016-007475 // CNNVD: CNNVD-201611-484 // NVD: CVE-2016-7582

REFERENCES

url:	http://www.securityfocus.com/bid/94435	Trust: 1.7
url:	https://support.apple.com/ht207170	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7582	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu90950877/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7582	Trust: 0.8
url:	https://support.apple.com/en-us/ht207170	Trust: 0.7
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	https://support.apple.com/en-in/ht207170	Trust: 0.3

sources: ZDI: ZDI-16-641 // VULHUB: VHN-96402 // BID: 94435 // JVNDB: JVNDB-2016-007475 // CNNVD: CNNVD-201611-484 // NVD: CVE-2016-7582

CREDITS

Liang Chen of Tencent KeenLab.

Trust: 0.9

sources: BID: 94435 // CNNVD: CNNVD-201611-484

SOURCES

db:	ZDI	id:	ZDI-16-641
db:	VULHUB	id:	VHN-96402
db:	BID	id:	94435
db:	JVNDB	id:	JVNDB-2016-007475
db:	CNNVD	id:	CNNVD-201611-484
db:	NVD	id:	CVE-2016-7582

LAST UPDATE DATE

2025-04-20T21:28:57.915000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-16-641	date:	2016-12-15T00:00:00
db:	VULHUB	id:	VHN-96402	date:	2017-02-21T00:00:00
db:	BID	id:	94435	date:	2016-11-24T00:14:00
db:	JVNDB	id:	JVNDB-2016-007475	date:	2017-03-01T00:00:00
db:	CNNVD	id:	CNNVD-201611-484	date:	2017-03-07T00:00:00
db:	NVD	id:	CVE-2016-7582	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-16-641	date:	2016-12-15T00:00:00
db:	VULHUB	id:	VHN-96402	date:	2017-02-20T00:00:00
db:	BID	id:	94435	date:	2016-11-14T00:00:00
db:	JVNDB	id:	JVNDB-2016-007475	date:	2017-03-01T00:00:00
db:	CNNVD	id:	CNNVD-201611-484	date:	2016-11-22T00:00:00
db:	NVD	id:	CVE-2016-7582	date:	2017-02-20T08:59:01.573