Sign-up

ID

VAR-201605-0489


CVE

CVE-2016-1831


TITLE

Apple iOS and OS X Kernel kernel arbitrary code execution vulnerability in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2016-002785

DESCRIPTION

The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. Apple Mac OS X 10.9.5, 10.10.5 and 10.11 through 10.11.4 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; OS X El Capitan is a dedicated operating system developed for Mac computers. Kernel is one of the kernel components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-05-16-2 iOS 9.3.2 iOS 9.3.2 is now available and addresses the following: Accessibility Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to determine kernel memory layout Description: A buffer overflow was addressed through improved size validation. CVE-ID CVE-2016-1790 : Rapelly Akhil CFNetwork Proxies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An information leak existed in the handling of HTTP and HTTPS requests. This issue was addressed through improved URL handling. CVE-ID CVE-2016-1801 : Alex Chapman and Paul Stone of Context Information Security CommonCrypto Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to leak sensitive user information Description: An issue existed in the handling of return values in CCCrypt. This issue was addressed through improved key length management. CVE-ID CVE-2016-1802 : Klaus Rodewig CoreCapture Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-ID CVE-2016-1803 : Ian Beer of Google Project Zero, daybreaker working with Trend Micro’s Zero Day Initiative Disk Images Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to read kernel memory Description: A race condition was addressed through improved locking. CVE-ID CVE-2016-1807 : Ian Beer of Google Project Zero Disk Images Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2016-1808 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted image may lead to a denial of service Description: A null pointer dereference was addressed through improved validation. CVE-ID CVE-2016-1811 : Lander Brandt (@landaire) IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1817 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro working with Trend Micro's Zero Day Initiative CVE-2016-1818 : Juwei Lin of TrendMicro CVE-2016-1819 : Ian Beer of Google Project Zero IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to cause a denial of service Description: A null pointer dereference was addressed through improved locking. CVE-ID CVE-2016-1814 : Juwei Lin of TrendMicro IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-ID CVE-2016-1813 : Ian Beer of Google Project Zero IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1823 : Ian Beer of Google Project Zero CVE-2016-1824 : Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1827 : Brandon Azad CVE-2016-1828 : Brandon Azad CVE-2016-1829 : CESG CVE-2016-1830 : Brandon Azad CVE-2016-1831 : Brandon Azad libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-ID CVE-2016-1832 : Karl Williamson libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1833 : Mateusz Jurczyk CVE-2016-1834 : Apple CVE-2016-1835 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-1837 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-1838 : Mateusz Jurczyk CVE-2016-1839 : Mateusz Jurczyk CVE-2016-1840 : Kostya Serebryany libxslt Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1841 : Sebastian Apelt MapKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: Shared links were sent with HTTP rather than HTTPS. This was addressed by enabling HTTPS for shared links. CVE-ID CVE-2016-1842 : Richard Shupak (https://www.linkedin.com/in/rshupak) OpenGL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A user may be unable to fully delete browsing history Description: "Clear History and Website Data" did not clear the history. The issue was addressed through improved data deletion. CVE-ID CVE-2016-1849 : Adham Ghrayeb Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to access contacts and photos from the the lock screen Description: A state management issue existed when accessing Siri results on the lock screen. This issue was addressed by disabling data detectors in Twitter results when the device is locked. CVE-ID CVE-2016-1852 : videosdebarraquito WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may disclose data from another website Description: An insufficient taint tracking issue in the parsing of svg images was addressed through improved taint tracking. CVE-ID CVE-2016-1858 : an anonymous researcher WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1854 : Anonymous working with Trend Micro's Zero Day Initiative CVE-2016-1855 : Tongbo Luo and Bo Qu of Palo Alto Networks CVE-2016-1856 : lokihardt working with Trend Micro's Zero Day Initiative CVE-2016-1857 : Jeonghoon Shin@A.D.D, Liang Chen, Zhen Feng, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative WebKit Canvas Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1859 : Liang Chen, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.3.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXOjz9AAoJEIOj74w0bLRGhaEP/2vSxjMnyoe2P8hRRQKb8LaL oigygYPvWnP6pQMywPpnx96TtTK8qFLOtxaCFzk0IYcCvyA7J7Hp+V69JKuOzj7a rOPcgwsHbFv56ZMJxlEX0v7l7JcptghvujugKKHXg6M8nRluu47LT4uaUI4y87kV NHhlb59k/SGmmzkY83xvVSX1bHxhTt9/Cmpd+xwVGpQDIhWPurhJnImbvxusZT4I 5sVs/+K9C+mAHDvDZbjQi8evDePCmeeeXRmVsNfDTh9oo5Q8iSKjRXC05vZZlcVU R4ntXCEwWXFuLrVDExL1SA36hVuTiht+vbpTDweIj25hfaZs3fTtFIPXzu7MGM50 KsV4xMUMeszB+tlC/GoU6s1gK4yo/mxnbmuXxWQGBUKgiVzRXzXAYfGr9CuY+eCm QotCnXl6oKn8oGqX5Tqmt8onjHAAnk1qdrK7FpRxZTPYYzfIn/OEH4kAsCcuj8qq eYdsHM/8C7Oas3it+dZleDTNmFET4aMA4bIOzHiJSyHS1MvzZoSBxKQHLXjZS+yl 2Z9c135et4TTeqMl0WwhtHKBGdiUfaLOcUi3e0ZnFdDKjQZyo7+w/ma6l/JKwDLs uUCXLvKeEGeNyA75IbS9WEMDgeykh0DgQ4oF6xXth+yod3YnUNcBR8i8UbW68Jo/ WD39gI5XNrpUq9cUOg7t =lS4p -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2016-1831 // JVNDB: JVNDB-2016-002785 // BID: 90696 // VULHUB: VHN-90650 // PACKETSTORM: 137076

AFFECTED PRODUCTS

vendor:applemodel:tvosscope:lteversion:9.2

Trust: 1.0

vendor:applemodel:watchosscope:lteversion:2.2

Trust: 1.0

vendor:applemodel:iphone osscope:lteversion:9.3.1

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.11.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.11 and later

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.2 (ipad 2 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.2 (iphone 4s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:9.3.2 (ipod touch first 5 after generation )

Trust: 0.8

vendor:applemodel:watchosscope:eqversion:2.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:9.3.1

Trust: 0.6

vendor:applemodel:mac os xscope:eqversion:10.11.4

Trust: 0.6

vendor:applemodel:tvscope:eqversion:9.2

Trust: 0.6

vendor:junipermodel:junos space 15.2r1scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.2.09

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.211

Trust: 0.3

vendor:applemodel:mac os security updatescope:neversion:x2016-0030

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.3.0

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:2.1

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.4

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:eqversion:7.5.2.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.2.08

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:eqversion:7.6.2.1

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:eqversion:7.6.2.0

Trust: 0.3

vendor:junipermodel:junos space 14.1r1.9scope: - version: -

Trust: 0.3

vendor:ibmmodel:security network protectionscope:neversion:5.3.2.4

Trust: 0.3

vendor:bluecoatmodel:advanced secure gatewayscope:eqversion:6.6

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.214

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.4.0.4

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.1

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.2.1

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry fpscope:eqversion:3.19

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.1.0.4

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.1.0.410

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.1.08

Trust: 0.3

vendor:bluecoatmodel:security analytics platformscope:eqversion:7.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.24

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.4.0.3

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:neversion:7.7

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.11.5

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fixpacscope:eqversion:3.2

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.7

Trust: 0.3

vendor:ibmmodel:smartcloud entry jre updatescope:eqversion:2.3.0.34

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.213

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.403

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.219

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.113

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.4

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.2.0.4

Trust: 0.3

vendor:junipermodel:junos space 14.1r1scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.3.0.4

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.11

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.22

Trust: 0.3

vendor:bluecoatmodel:industrial control system protectionscope:eqversion:5.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.9.5

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.404

Trust: 0.3

vendor:junipermodel:junos space 15.1f2scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.2.010

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.22

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.2.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.110

Trust: 0.3

vendor:ibmmodel:smartcloud entry fixpackscope:eqversion:3.2.0.413

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.402

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fixpacscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.1

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.2

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.2

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:eqversion:7.6.2.2

Trust: 0.3

vendor:junipermodel:junos space 16.1r1scope:neversion: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry fpscope:eqversion:3.110

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.36

Trust: 0.3

vendor:ibmmodel:mq appliance m2001scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.3

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.401

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.8

Trust: 0.3

vendor:bluecoatmodel:proxysgscope:eqversion:6.5

Trust: 0.3

vendor:ibmmodel:smartcloud entry jre updatescope:eqversion:2.4.0.55

Trust: 0.3

vendor:bluecoatmodel:directorscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.21

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:neversion:7.6.2.4

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.5

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.4

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:eqversion:7.5.2.10

Trust: 0.3

vendor:mcafeemodel:email gateway 7.6.405h1165239scope: - version: -

Trust: 0.3

vendor:junipermodel:junos space 15.1r2.11scope: - version: -

Trust: 0.3

vendor:bluecoatmodel:security analytics platformscope:eqversion:6.6

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:eqversion:7.5.2.9

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.32

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.6

Trust: 0.3

vendor:bluecoatmodel:industrial control systems network scannerscope:eqversion:5.3

Trust: 0.3

vendor:bluecoatmodel:authconnectorscope:eqversion:2.5

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.44

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.3.0.3

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:neversion:7.5.2.11

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.0

Trust: 0.3

vendor:ibmmodel:mq appliance m2000scope: - version: -

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.2.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry fixpackscope:eqversion:2.4.0.55

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.400

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:1.3

Trust: 0.3

vendor:mcafeemodel:email gateway 7.6.2h968406scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.46

Trust: 0.3

vendor:bluecoatmodel:norman network protectionscope:eqversion:5.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry fixpackscope:eqversion:3.2.0.415

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.4.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.34

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.2.0.4

Trust: 0.3

vendor:bluecoatmodel:proxysgscope:eqversion:6.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.3

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:12.1

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.26

Trust: 0.3

vendor:ibmmodel:smartcloud entry fixpackscope:eqversion:3.1.0.415

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:13.3

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.0

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.3.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry fixpackscope:eqversion:3.1.0.412

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.405

Trust: 0.3

vendor:junipermodel:junos space 15.2r2scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.4.0.4

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.9

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.3

Trust: 0.3

vendor:mcafeemodel:web gatewayscope:eqversion:7.6.2.3

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.2

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:neversion:7.6.406-3402.103

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.21

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.1.09

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.2.0.4

Trust: 0.3

vendor:mcafeemodel:email gatewayscope:eqversion:7.6.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry jre updatescope:eqversion:2.3.0.35

Trust: 0.3

vendor:ibmmodel:smartcloud entry fixpackscope:eqversion:2.3.0.33

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.3

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.2

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1.4

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.31

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.218

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.4

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:12.3

Trust: 0.3

vendor:mcafeemodel:email gateway 7.6.405h1157986scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.42

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.3.0.4

Trust: 0.3

vendor:ibmmodel:security network protectionscope:neversion:5.3.1.10

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.2.0.411

Trust: 0.3

vendor:ibmmodel:security identity governance and intelligencescope:eqversion:5.2.1

Trust: 0.3

vendor:bluecoatmodel:security analytics platformscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.2.0.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.12

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.4.0.5

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.4.01

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.5

Trust: 0.3

sources: BID: 90696 // JVNDB: JVNDB-2016-002785 // CNNVD: CNNVD-201605-507 // NVD: CVE-2016-1831

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-1831
value: HIGH

Trust: 1.0

NVD: CVE-2016-1831
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201605-507
value: HIGH

Trust: 0.6

VULHUB: VHN-90650
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-1831
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-90650
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-1831
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-90650 // JVNDB: JVNDB-2016-002785 // CNNVD: CNNVD-201605-507 // NVD: CVE-2016-1831

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-90650 // JVNDB: JVNDB-2016-002785 // NVD: CVE-2016-1831

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201605-507

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201605-507

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-002785

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003url:http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
Trust: 0.8
title:APPLE-SA-2016-05-16-2 iOS 9.3.2url:http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
Trust: 0.8
title:HT206568url:https://support.apple.com/en-us/HT206568
Trust: 0.8
title:HT206567url:https://support.apple.com/en-us/HT206567
Trust: 0.8
title:HT206567url:https://support.apple.com/ja-jp/HT206567
Trust: 0.8
title:HT206568url:https://support.apple.com/ja-jp/HT206568
Trust: 0.8
title:Apple iOS  and OS X El Capitan kernel Fixes for arbitrary code execution vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61821
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-002785 // 
            
            
            
            CNNVD: CNNVD-201605-507

EXTERNAL IDS
db:NVDid:CVE-2016-1831
Trust: 2.9
db:BIDid:90696
Trust: 2.0
db:SECTRACKid:1035890
Trust: 1.7
db:JVNid:JVNVU91632741
Trust: 0.8
db:JVNDBid:JVNDB-2016-002785
Trust: 0.8
db:CNNVDid:CNNVD-201605-507
Trust: 0.7
db:ZDIid:ZDI-16-360
Trust: 0.3
db:ZDIid:ZDI-16-497
Trust: 0.3
db:ZDIid:ZDI-16-347
Trust: 0.3
db:ZDIid:ZDI-16-346
Trust: 0.3
db:ZDIid:ZDI-16-345
Trust: 0.3
db:ZDIid:ZDI-16-358
Trust: 0.3
db:ZDIid:ZDI-16-361
Trust: 0.3
db:ZDIid:ZDI-16-344
Trust: 0.3
db:JUNIPERid:JSA10770
Trust: 0.3
db:MCAFEEid:SB10170
Trust: 0.3
db:VULHUBid:VHN-90650
Trust: 0.1
db:PACKETSTORMid:137076
Trust: 0.1
sources:
            
            
            VULHUB: VHN-90650 // 
            
            
            
            BID: 90696 // 
            
            
            
            JVNDB: JVNDB-2016-002785 // 
            
            
            
            PACKETSTORM: 137076 // 
            
            
            
            CNNVD: CNNVD-201605-507 // 
            
            
            
            NVD: CVE-2016-1831

REFERENCES
url:http://lists.apple.com/archives/security-announce/2016/may/msg00002.html
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2016/may/msg00004.html
Trust: 1.7
url:http://www.securityfocus.com/bid/90696
Trust: 1.7
url:https://support.apple.com/ht206567
Trust: 1.7
url:https://support.apple.com/ht206568
Trust: 1.7
url:http://www.securitytracker.com/id/1035890
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1831
Trust: 0.8
url:http://jvn.jp/vu/jvnvu91632741/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1831
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10770&actp=rss
Trust: 0.3
url:https://kc.mcafee.com/corporate/index?page=content&id=sb10170
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024088
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024194
Trust: 0.3
url:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Trust: 0.3
url:https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf
Trust: 0.3
url:https://bto.bluecoat.com/security-advisory/sa129
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg21986974
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg21989043
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg21990750
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-344/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-345/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-346/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-347/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-358/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-360/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-361/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-16-497/
Trust: 0.3
url:https://www.apple.com/itunes/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1823
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1814
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1836
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1829
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1837
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1817
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1839
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1819
Trust: 0.1
url:https://www.linkedin.com/in/rshupak)
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1803
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1827
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1808
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1830
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1813
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1811
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1828
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1838
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1833
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1807
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1831
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1834
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1835
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1801
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1790
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1818
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1802
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1840
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1824
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-1832
Trust: 0.1
sources:
            
            
            VULHUB: VHN-90650 // 
            
            
            
            BID: 90696 // 
            
            
            
            JVNDB: JVNDB-2016-002785 // 
            
            
            
            PACKETSTORM: 137076 // 
            
            
            
            CNNVD: CNNVD-201605-507 // 
            
            
            
            NVD: CVE-2016-1831

CREDITS
beist and ABH of BoB, daybreaker of Minionz, Ian Beer of Google Project Zero, Moony Li, Jack Tang, Juwei Lin, Peter Pi of Trend Micro, Apple, Stefan Esser, Qidan He of KeenLab, Tencent, lokihardt, Ben Murphy working with Trend Micro's Zero Day Initiative,
Trust: 0.3
sources:
            
            
            BID: 90696

SOURCES
db:VULHUBid:VHN-90650
db:BIDid:90696
db:JVNDBid:JVNDB-2016-002785
db:PACKETSTORMid:137076
db:CNNVDid:CNNVD-201605-507
db:NVDid:CVE-2016-1831

LAST UPDATE DATE
2024-11-23T21:22:27.364000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-90650date:2019-03-08T00:00:00
db:BIDid:90696date:2017-12-19T22:01:00
db:JVNDBid:JVNDB-2016-002785date:2016-05-23T00:00:00
db:CNNVDid:CNNVD-201605-507date:2019-03-13T00:00:00
db:NVDid:CVE-2016-1831date:2024-11-21T02:47:10.413

SOURCES RELEASE DATE
db:VULHUBid:VHN-90650date:2016-05-20T00:00:00
db:BIDid:90696date:2016-05-16T00:00:00
db:JVNDBid:JVNDB-2016-002785date:2016-05-23T00:00:00
db:PACKETSTORMid:137076date:2016-05-17T15:50:52
db:CNNVDid:CNNVD-201605-507date:2016-05-20T00:00:00
db:NVDid:CVE-2016-1831date:2016-05-20T10:59:45.063