Details of VAR-201605-0472

ID

VAR-201605-0472

CVE

CVE-2016-1846

TITLE

Apple OS X of NVIDIA Graphics driver subsystem vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2016-002840

DESCRIPTION

The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. Apple Mac OS X 10.9.5, 10.10.5 and 10.11 through 10.11.4 are vulnerable. NVIDIA Graphics Drivers is one of the graphics driver components

Trust: 1.98

sources: NVD: CVE-2016-1846 // JVNDB: JVNDB-2016-002840 // BID: 90696 // VULHUB: VHN-90665

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.11.4	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11 and later	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.11.4	Trust: 0.6
vendor:	juniper	model:	junos space 15.2r1	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.2.09	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.211	Trust: 0.3
vendor:	apple	model:	mac os security update	scope:	ne	version:	x2016-0030	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	2.3.0	Trust: 0.3
vendor:	ibm	model:	powerkvm	scope:	eq	version:	2.1	Trust: 0.3
vendor:	oracle	model:	vm server for	scope:	eq	version:	x863.4	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	eq	version:	7.5.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.2.08	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	eq	version:	7.6.2.1	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	eq	version:	7.6.2.0	Trust: 0.3
vendor:	juniper	model:	junos space 14.1r1.9	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	ne	version:	5.3.2.4	Trust: 0.3
vendor:	bluecoat	model:	advanced secure gateway	scope:	eq	version:	6.6	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.214	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	2.4.0.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.1	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.2.1	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fp	scope:	eq	version:	3.19	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	3.1.0.4	Trust: 0.3
vendor:	ibm	model:	powerkvm	scope:	eq	version:	3.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.1.0.410	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.1.08	Trust: 0.3
vendor:	bluecoat	model:	security analytics platform	scope:	eq	version:	7.0	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.24	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	2.4.0.3	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	ne	version:	7.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.11.5	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fixpac	scope:	eq	version:	3.2	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.7	Trust: 0.3
vendor:	ibm	model:	smartcloud entry jre update	scope:	eq	version:	2.3.0.34	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.213	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.403	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.219	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.113	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fi	scope:	eq	version:	2.2.0.4	Trust: 0.3
vendor:	juniper	model:	junos space 14.1r1	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	2.3.0.4	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	3.11	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	3.22	Trust: 0.3
vendor:	bluecoat	model:	industrial control system protection	scope:	eq	version:	5.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.9.5	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.404	Trust: 0.3
vendor:	juniper	model:	junos space 15.1f2	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.2.010	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	2.22	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.2.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.110	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fixpack	scope:	eq	version:	3.2.0.413	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.402	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fixpac	scope:	eq	version:	3.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.1	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.2	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	eq	version:	7.6.2.2	Trust: 0.3
vendor:	juniper	model:	junos space 16.1r1	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fp	scope:	eq	version:	3.110	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.36	Trust: 0.3
vendor:	ibm	model:	mq appliance m2001	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.3	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.401	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.8	Trust: 0.3
vendor:	bluecoat	model:	proxysg	scope:	eq	version:	6.5	Trust: 0.3
vendor:	ibm	model:	smartcloud entry jre update	scope:	eq	version:	2.4.0.55	Trust: 0.3
vendor:	bluecoat	model:	director	scope:	eq	version:	6.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	3.21	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	ne	version:	7.6.2.4	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.5	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.4	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	eq	version:	7.5.2.10	Trust: 0.3
vendor:	mcafee	model:	email gateway 7.6.405h1165239	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos space 15.1r2.11	scope:	-	version:	-	Trust: 0.3
vendor:	bluecoat	model:	security analytics platform	scope:	eq	version:	6.6	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	eq	version:	7.5.2.9	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	2.32	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.6	Trust: 0.3
vendor:	bluecoat	model:	industrial control systems network scanner	scope:	eq	version:	5.3	Trust: 0.3
vendor:	bluecoat	model:	authconnector	scope:	eq	version:	2.5	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.44	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	2.3.0.3	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	ne	version:	7.5.2.11	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.0	Trust: 0.3
vendor:	ibm	model:	mq appliance m2000	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.2.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fixpack	scope:	eq	version:	2.4.0.55	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.400	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	1.3	Trust: 0.3
vendor:	mcafee	model:	email gateway 7.6.2h968406	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.46	Trust: 0.3
vendor:	bluecoat	model:	norman network protection	scope:	eq	version:	5.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fixpack	scope:	eq	version:	3.2.0.415	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	2.4.0	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.34	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	2.2.0.4	Trust: 0.3
vendor:	bluecoat	model:	proxysg	scope:	eq	version:	6.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.3	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.1	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.3.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.26	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fixpack	scope:	eq	version:	3.1.0.415	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	13.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.0	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.3.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fixpack	scope:	eq	version:	3.1.0.412	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.405	Trust: 0.3
vendor:	juniper	model:	junos space 15.2r2	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fi	scope:	eq	version:	2.4.0.4	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.9	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.3	Trust: 0.3
vendor:	mcafee	model:	web gateway	scope:	eq	version:	7.6.2.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	2.2	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	ne	version:	7.6.406-3402.103	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	2.21	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.1.09	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	3.2.0.4	Trust: 0.3
vendor:	mcafee	model:	email gateway	scope:	eq	version:	7.6.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry jre update	scope:	eq	version:	2.3.0.35	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fixpack	scope:	eq	version:	2.3.0.33	Trust: 0.3
vendor:	oracle	model:	vm server for	scope:	eq	version:	x863.3	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.2	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	11.2	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	eq	version:	5.3.1.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	2.31	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.218	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.4	Trust: 0.3
vendor:	juniper	model:	junos space	scope:	eq	version:	12.3	Trust: 0.3
vendor:	mcafee	model:	email gateway 7.6.405h1157986	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	2.42	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fi	scope:	eq	version:	2.3.0.4	Trust: 0.3
vendor:	ibm	model:	security network protection	scope:	ne	version:	5.3.1.10	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	3.2.0.411	Trust: 0.3
vendor:	ibm	model:	security identity governance and intelligence	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	bluecoat	model:	security analytics platform	scope:	eq	version:	7.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	2.2.0.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	3.12	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	2.4.0.5	Trust: 0.3
vendor:	ibm	model:	smartcloud entry fix pack	scope:	eq	version:	2.4.01	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.5	Trust: 0.3

sources: BID: 90696 // JVNDB: JVNDB-2016-002840 // CNNVD: CNNVD-201605-513 // NVD: CVE-2016-1846

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1846
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-1846
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201605-513
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-90665
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-1846
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-90665
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1846
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-90665 // JVNDB: JVNDB-2016-002840 // CNNVD: CNNVD-201605-513 // NVD: CVE-2016-1846

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-90665 // JVNDB: JVNDB-2016-002840 // NVD: CVE-2016-1846

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-513

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201605-513

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002840

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-90665

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003	url:	http://lists.apple.com/archives/security-announce/2016/May/msg00004.html	Trust: 0.8
title:	HT206567	url:	https://support.apple.com/en-us/HT206567	Trust: 0.8
title:	HT206567	url:	https://support.apple.com/ja-jp/HT206567	Trust: 0.8
title:	Apple OS X El Capitan NVIDIA Graphics Drivers Fixes for arbitrary code execution vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61827	Trust: 0.6

sources: JVNDB: JVNDB-2016-002840 // CNNVD: CNNVD-201605-513

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1846	Trust: 2.8
db:	BID	id:	90696	Trust: 1.4
db:	EXPLOIT-DB	id:	39920	Trust: 1.1
db:	SECTRACK	id:	1035895	Trust: 1.1
db:	PACKETSTORM	id:	137403	Trust: 1.1
db:	JVN	id:	JVNVU91632741	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-002840	Trust: 0.8
db:	CNNVD	id:	CNNVD-201605-513	Trust: 0.7
db:	AUSCERT	id:	ESB-2016.1235	Trust: 0.6
db:	ZDI	id:	ZDI-16-360	Trust: 0.3
db:	ZDI	id:	ZDI-16-497	Trust: 0.3
db:	ZDI	id:	ZDI-16-347	Trust: 0.3
db:	ZDI	id:	ZDI-16-346	Trust: 0.3
db:	ZDI	id:	ZDI-16-345	Trust: 0.3
db:	ZDI	id:	ZDI-16-358	Trust: 0.3
db:	ZDI	id:	ZDI-16-361	Trust: 0.3
db:	ZDI	id:	ZDI-16-344	Trust: 0.3
db:	JUNIPER	id:	JSA10770	Trust: 0.3
db:	MCAFEE	id:	SB10170	Trust: 0.3
db:	VULHUB	id:	VHN-90665	Trust: 0.1

sources: VULHUB: VHN-90665 // BID: 90696 // JVNDB: JVNDB-2016-002840 // CNNVD: CNNVD-201605-513 // NVD: CVE-2016-1846

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2016/may/msg00004.html	Trust: 1.7
url:	https://support.apple.com/ht206567	Trust: 1.7
url:	http://www.securityfocus.com/bid/90696	Trust: 1.1
url:	https://www.exploit-db.com/exploits/39920/	Trust: 1.1
url:	http://packetstormsecurity.com/files/137403/os-x-geforce.kext-null-pointer-dereference.html	Trust: 1.1
url:	https://bugs.chromium.org/p/project-zero/issues/detail?id=784	Trust: 1.1
url:	http://www.securitytracker.com/id/1035895	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1846	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu91632741/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1846	Trust: 0.8
url:	https://www.auscert.org.au/render.html?it=34698	Trust: 0.6
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	https://kb.juniper.net/infocenter/index?page=content&id=jsa10770&actp=rss	Trust: 0.3
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10170	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=isg3t1024088	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=isg3t1024194	Trust: 0.3
url:	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	Trust: 0.3
url:	https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf	Trust: 0.3
url:	https://bto.bluecoat.com/security-advisory/sa129	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21986974	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21989043	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21990750	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-344/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-345/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-346/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-347/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-358/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-360/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-361/	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-497/	Trust: 0.3

sources: VULHUB: VHN-90665 // BID: 90696 // JVNDB: JVNDB-2016-002840 // CNNVD: CNNVD-201605-513 // NVD: CVE-2016-1846

CREDITS

beist and ABH of BoB, daybreaker of Minionz, Ian Beer of Google Project Zero, Moony Li, Jack Tang, Juwei Lin, Peter Pi of Trend Micro, Apple, Stefan Esser, Qidan He of KeenLab, Tencent, lokihardt, Ben Murphy working with Trend Micro's Zero Day Initiative,

Trust: 0.3

sources: BID: 90696

SOURCES

db:	VULHUB	id:	VHN-90665
db:	BID	id:	90696
db:	JVNDB	id:	JVNDB-2016-002840
db:	CNNVD	id:	CNNVD-201605-513
db:	NVD	id:	CVE-2016-1846

LAST UPDATE DATE

2024-11-23T20:16:26.346000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-90665	date:	2016-12-01T00:00:00
db:	BID	id:	90696	date:	2017-12-19T22:01:00
db:	JVNDB	id:	JVNDB-2016-002840	date:	2016-06-23T00:00:00
db:	CNNVD	id:	CNNVD-201605-513	date:	2016-05-25T00:00:00
db:	NVD	id:	CVE-2016-1846	date:	2024-11-21T02:47:12.510

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-90665	date:	2016-05-20T00:00:00
db:	BID	id:	90696	date:	2016-05-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-002840	date:	2016-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201605-513	date:	2016-05-20T00:00:00
db:	NVD	id:	CVE-2016-1846	date:	2016-05-20T10:59:59.427