ID

VAR-201609-0225


CVE

CVE-2016-4658


TITLE

plural Apple Product libxml2 Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-004928

DESCRIPTION

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. Apple iOS, tvOS,MacOS and watchOS are prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial-of-service condition, perform unauthorized actions and gain system privileges; this may aid in launching further attacks. Versions prior to iOS 10, watchOS 3, MacOS 10.12, and tvOS 10 are vulnerable. Apple iOS, OS X, tvOS, and watchOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Apple OS X is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. A memory corruption vulnerability exists in Libxml2 in several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: libxml2 security update Advisory ID: RHSA-2021:3810-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3810 Issue date: 2021-10-12 CVE Names: CVE-2016-4658 ===================================================================== 1. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The desktop must be restarted (log out, then log back in) for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1384424 - CVE-2016-4658 libxml2: Use after free via namespace node in XPointer ranges 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-6.el7_9.6.src.rpm x86_64: libxml2-2.9.1-6.el7_9.6.i686.rpm libxml2-2.9.1-6.el7_9.6.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-python-2.9.1-6.el7_9.6.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-devel-2.9.1-6.el7_9.6.i686.rpm libxml2-devel-2.9.1-6.el7_9.6.x86_64.rpm libxml2-static-2.9.1-6.el7_9.6.i686.rpm libxml2-static-2.9.1-6.el7_9.6.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-6.el7_9.6.src.rpm x86_64: libxml2-2.9.1-6.el7_9.6.i686.rpm libxml2-2.9.1-6.el7_9.6.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-python-2.9.1-6.el7_9.6.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-devel-2.9.1-6.el7_9.6.i686.rpm libxml2-devel-2.9.1-6.el7_9.6.x86_64.rpm libxml2-static-2.9.1-6.el7_9.6.i686.rpm libxml2-static-2.9.1-6.el7_9.6.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-6.el7_9.6.src.rpm ppc64: libxml2-2.9.1-6.el7_9.6.ppc.rpm libxml2-2.9.1-6.el7_9.6.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.ppc64.rpm libxml2-devel-2.9.1-6.el7_9.6.ppc.rpm libxml2-devel-2.9.1-6.el7_9.6.ppc64.rpm libxml2-python-2.9.1-6.el7_9.6.ppc64.rpm ppc64le: libxml2-2.9.1-6.el7_9.6.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.ppc64le.rpm libxml2-devel-2.9.1-6.el7_9.6.ppc64le.rpm libxml2-python-2.9.1-6.el7_9.6.ppc64le.rpm s390x: libxml2-2.9.1-6.el7_9.6.s390.rpm libxml2-2.9.1-6.el7_9.6.s390x.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.s390.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.s390x.rpm libxml2-devel-2.9.1-6.el7_9.6.s390.rpm libxml2-devel-2.9.1-6.el7_9.6.s390x.rpm libxml2-python-2.9.1-6.el7_9.6.s390x.rpm x86_64: libxml2-2.9.1-6.el7_9.6.i686.rpm libxml2-2.9.1-6.el7_9.6.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-devel-2.9.1-6.el7_9.6.i686.rpm libxml2-devel-2.9.1-6.el7_9.6.x86_64.rpm libxml2-python-2.9.1-6.el7_9.6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-6.el7_9.6.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.ppc64.rpm libxml2-static-2.9.1-6.el7_9.6.ppc.rpm libxml2-static-2.9.1-6.el7_9.6.ppc64.rpm ppc64le: libxml2-debuginfo-2.9.1-6.el7_9.6.ppc64le.rpm libxml2-static-2.9.1-6.el7_9.6.ppc64le.rpm s390x: libxml2-debuginfo-2.9.1-6.el7_9.6.s390.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.s390x.rpm libxml2-static-2.9.1-6.el7_9.6.s390.rpm libxml2-static-2.9.1-6.el7_9.6.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-static-2.9.1-6.el7_9.6.i686.rpm libxml2-static-2.9.1-6.el7_9.6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-6.el7_9.6.src.rpm x86_64: libxml2-2.9.1-6.el7_9.6.i686.rpm libxml2-2.9.1-6.el7_9.6.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-devel-2.9.1-6.el7_9.6.i686.rpm libxml2-devel-2.9.1-6.el7_9.6.x86_64.rpm libxml2-python-2.9.1-6.el7_9.6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-static-2.9.1-6.el7_9.6.i686.rpm libxml2-static-2.9.1-6.el7_9.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-4658 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYWWqlNzjgjWX9erEAQglcQ//SUNNJGppCVp7noool8BcQdiZYbHQYIZc Ip2xZN+MskEdApJVdj+miteXwKbQlzOBC2O7NxxTagWuQd/ZTeojWIBbpN3wDWK4 iEHxXnJxSCc5Mnz98gW5uiiuOZ7YYNenqpf0CwiR8TTaCfzRZviHA5nt6uRCsOoF XnNRQBkGevmh4VE1J8Mn2aD1fZrvxa1K5SywrF01ZI8ySjqEvm0lajuQD/4evvi8 gcjJlkCx8l/IOD4LowDCXrdxG/eiTYGpLYOdE6ZSOAX+pW4MtJm8R+gusQ+jwyJ+ pe5ITvZw2lycRboQEdr0bg/PiMJfguKA0tbf2Ra096ka1VThIFMZO7SDxhAjtohr v/M3Q+4uLIMei1KapYHo09RO7QwAzViT2p3ycsU+9mEVRNJZcCAeVY3naRkaMEnQ SuM57XSYJXJN7w8tQGzFTnzrZZYKv0XkrMG+sIiVgBAQKgPAppomE1PIeORIJqbb PeASp+08mO37T0Aw5e4SUuzd+MiE7LtGE9RzNzFTWMqT2qQptezmJx/+x0FRu3fv UcfEicz2xh0aV4wptaY4wnqvd4juAOO+AgY5QabO4KZPdvvpcMyQ6twt+sdehQjl 03ChiCTvXyZmWO+IhdEYqGWeh9i6eWoK3QF3cZOXOQSLfNKKvGPJMfHYxch18nU/ aV/GyGATRM8= =M6KE -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: The Migration Toolkit for Containers (MTC) 1.6.3 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Solution: For details on how to install and use MTC, refer to: https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2019088 - "MigrationController" CR displays syntax error when unquiescing applications 2021666 - Route name longer than 63 characters causes direct volume migration to fail 2021668 - "MigrationController" CR ignores the "cluster_subdomain" value for direct volume migration routes 2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) 2024966 - Manifests not used by Operator Lifecycle Manager must be removed from the MTC 1.6 Operator image 2027196 - "migration-controller" pod goes into "CrashLoopBackoff" state if an invalid registry route is entered on the "Clusters" page of the web console 2027382 - "Copy oc describe/oc logs" window does not close automatically after timeout 2028841 - "rsync-client" container fails during direct volume migration with "Address family not supported by protocol" error 2031793 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "includedResources" resource 2039852 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "destMigClusterRef" or "srcMigClusterRef" 5. =========================================================================== Ubuntu Security Notice USN-3235-1 March 16, 2017 libxml2 vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in libxml2. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 16.04 LTS. (CVE-2016-4448) It was discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-4658) Nick Wellnhofer discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-5131) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: libxml2 2.9.4+dfsg1-2ubuntu0.1 Ubuntu 16.04 LTS: libxml2 2.9.3+dfsg1-1ubuntu0.2 Ubuntu 14.04 LTS: libxml2 2.9.1+dfsg1-3ubuntu4.9 Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.17 After a standard system update you need to reboot your computer to make all the necessary changes. Description: Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/): 2050826 - CVE-2022-24348 gitops: Path traversal and dereference of symlinks when passing Helm value files 5. For the stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-5+deb8u4. For the testing distribution (stretch), these problems have been fixed in version 2.9.4+dfsg1-2.1. For the unstable distribution (sid), these problems have been fixed in version 2.9.4+dfsg1-2.1. We recommend that you upgrade your libxml2 packages

Trust: 2.52

sources: NVD: CVE-2016-4658 // JVNDB: JVNDB-2016-004928 // BID: 93054 // VULHUB: VHN-93477 // VULMON: CVE-2016-4658 // PACKETSTORM: 164491 // PACKETSTORM: 165631 // PACKETSTORM: 141667 // PACKETSTORM: 166051 // PACKETSTORM: 140266

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.11.6

Trust: 1.4

vendor:applemodel:iphone osscope:ltversion:10.0

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.12

Trust: 1.0

vendor:xmlsoftmodel:libxml2scope:ltversion:2.9.5

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:10.0

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:3.0

Trust: 1.0

vendor:applemodel:watchosscope:eqversion:2.2.2

Trust: 0.9

vendor:applemodel:iosscope:ltversion:10 (ipad first 4 after generation )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10 (iphone 5 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10 (ipod touch first 6 after generation )

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:10 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:3 (apple watch all models )

Trust: 0.8

vendor:applemodel:tvscope:eqversion:9.2.2

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:9.3.5

Trust: 0.6

vendor:ubuntumodel:linuxscope:eqversion:16.10

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:16.04

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:14.04

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:ibmmodel:dynamic system analysis prebootscope:eqversion:9.6

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.2.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.2

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:watchosscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2.2

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:tvosscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:50

Trust: 0.3

vendor:applemodel:iosscope:eqversion:40

Trust: 0.3

vendor:applemodel:iosscope:eqversion:30

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:ibmmodel:dynamic system analysis prebootscope:neversion:9.65

Trust: 0.3

vendor:applemodel:watchosscope:neversion:3.0

Trust: 0.3

vendor:applemodel:tvosscope:neversion:10

Trust: 0.3

vendor:applemodel:macosscope:neversion:10.12

Trust: 0.3

vendor:applemodel:iosscope:neversion:10

Trust: 0.3

sources: BID: 93054 // JVNDB: JVNDB-2016-004928 // CNNVD: CNNVD-201609-485 // NVD: CVE-2016-4658

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4658
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-4658
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201609-485
value: CRITICAL

Trust: 0.6

VULHUB: VHN-93477
value: HIGH

Trust: 0.1

VULMON: CVE-2016-4658
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-4658
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-93477
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4658
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93477 // VULMON: CVE-2016-4658 // JVNDB: JVNDB-2016-004928 // CNNVD: CNNVD-201609-485 // NVD: CVE-2016-4658

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-93477 // JVNDB: JVNDB-2016-004928 // NVD: CVE-2016-4658

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 140266 // CNNVD: CNNVD-201609-485

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201609-485

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004928

PATCH

title:Apple security updatesurl:https://support.apple.com/en-us/HT201222

Trust: 0.8

title:APPLE-SA-2016-09-20-3 iOS 10url:http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html

Trust: 0.8

title:APPLE-SA-2016-09-20-5 watchOS 3url:http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html

Trust: 0.8

title:APPLE-SA-2016-09-20-6 tvOS 10url:http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html

Trust: 0.8

title:APPLE-SA-2016-09-20 macOS Sierra 10.12url:http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html

Trust: 0.8

title:HT207142url:https://support.apple.com/en-us/HT207142

Trust: 0.8

title:HT207143url:https://support.apple.com/en-us/HT207143

Trust: 0.8

title:HT207170url:https://support.apple.com/en-us/HT207170

Trust: 0.8

title:HT207141url:https://support.apple.com/en-us/HT207141

Trust: 0.8

title:HT207141url:https://support.apple.com/ja-jp/HT207141

Trust: 0.8

title:HT207142url:https://support.apple.com/ja-jp/HT207142

Trust: 0.8

title:HT207143url:https://support.apple.com/ja-jp/HT207143

Trust: 0.8

title:HT207170url:https://support.apple.com/ja-jp/HT207170

Trust: 0.8

title:Multiple Apple product libxml2 Repair measures for memory corruption vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=64351

Trust: 0.6

title:Ubuntu Security Notice: libxml2 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3235-1

Trust: 0.1

title:Debian CVElist Bug Report Logs: libxml2: CVE-2016-4658url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=875827e87aed79825801cf0c7dbfb4a3

Trust: 0.1

title:Debian CVElist Bug Report Logs: libxml2: CVE-2016-5131url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9f32dd31cb36cd4b73309a01754e5056

Trust: 0.1

title:Arch Linux Advisories: [ASA-201611-2] libxml2: arbitrary code executionurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201611-2

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2016-4658

Trust: 0.1

title:Amazon Linux 2: ALAS2-2019-1301url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1301

Trust: 0.1

title:Apple: watchOS 3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=22c38e80657dfabed50745bf066b5d7e

Trust: 0.1

title:Apple: tvOS 10url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=2eacf5c3d1f3eca6b4d1466fef2589d7

Trust: 0.1

title:Apple: iOS 10url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=49cfe8e7b5abb7b955623b596efe5873

Trust: 0.1

title:Apple: macOS Sierra 10.12url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=56fe8957a503c1b7b6f00fbd6d759042

Trust: 0.1

title:Android Security Bulletins: Android Security Bulletin—June 2017url:https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=f9fbdf3aea1fd17035e18f77d6530ab1

Trust: 0.1

title:nagios-check-bundle-auditurl:https://github.com/tommarshall/nagios-check-bundle-audit

Trust: 0.1

title:afl-cveurl:https://github.com/mrash/afl-cve

Trust: 0.1

sources: VULMON: CVE-2016-4658 // JVNDB: JVNDB-2016-004928 // CNNVD: CNNVD-201609-485

EXTERNAL IDS

db:NVDid:CVE-2016-4658

Trust: 3.4

db:BIDid:93054

Trust: 2.1

db:SECTRACKid:1038623

Trust: 1.8

db:SECTRACKid:1036858

Trust: 1.8

db:PACKETSTORMid:165631

Trust: 0.8

db:PACKETSTORMid:166051

Trust: 0.8

db:JVNid:JVNVU90950877

Trust: 0.8

db:JVNid:JVNVU93841436

Trust: 0.8

db:JVNDBid:JVNDB-2016-004928

Trust: 0.8

db:CNNVDid:CNNVD-201609-485

Trust: 0.7

db:PACKETSTORMid:164583

Trust: 0.7

db:PACKETSTORMid:164491

Trust: 0.7

db:AUSCERTid:ESB-2022.0716

Trust: 0.6

db:AUSCERTid:ESB-2022.5666

Trust: 0.6

db:AUSCERTid:ESB-2021.3374

Trust: 0.6

db:AUSCERTid:ESB-2023.3732

Trust: 0.6

db:AUSCERTid:ESB-2022.0245

Trust: 0.6

db:AUSCERTid:ESB-2021.3499

Trust: 0.6

db:AUSCERTid:ESB-2021.3485

Trust: 0.6

db:PACKETSTORMid:164562

Trust: 0.6

db:CS-HELPid:SB2021101345

Trust: 0.6

db:CS-HELPid:SB2021111734

Trust: 0.6

db:PACKETSTORMid:140266

Trust: 0.2

db:PACKETSTORMid:138795

Trust: 0.1

db:VULHUBid:VHN-93477

Trust: 0.1

db:VULMONid:CVE-2016-4658

Trust: 0.1

db:PACKETSTORMid:141667

Trust: 0.1

sources: VULHUB: VHN-93477 // VULMON: CVE-2016-4658 // BID: 93054 // JVNDB: JVNDB-2016-004928 // PACKETSTORM: 164491 // PACKETSTORM: 165631 // PACKETSTORM: 141667 // PACKETSTORM: 166051 // PACKETSTORM: 140266 // CNNVD: CNNVD-201609-485 // NVD: CVE-2016-4658

REFERENCES

url:http://www.securityfocus.com/bid/93054

Trust: 1.9

url:http://lists.apple.com/archives/security-announce/2016/sep/msg00006.html

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2016/sep/msg00008.html

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2016/sep/msg00010.html

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2016/sep/msg00011.html

Trust: 1.8

url:https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b

Trust: 1.8

url:https://support.apple.com/ht207141

Trust: 1.8

url:https://support.apple.com/ht207142

Trust: 1.8

url:https://support.apple.com/ht207143

Trust: 1.8

url:https://support.apple.com/ht207170

Trust: 1.8

url:https://security.gentoo.org/glsa/201701-37

Trust: 1.8

url:http://www.securitytracker.com/id/1036858

Trust: 1.8

url:http://www.securitytracker.com/id/1038623

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4658

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93841436/index.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu90950877/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4658

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.0245

Trust: 0.6

url:https://packetstormsecurity.com/files/164583/red-hat-security-advisory-2021-3949-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.3732

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021111734

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3485

Trust: 0.6

url:https://packetstormsecurity.com/files/166051/red-hat-security-advisory-2022-0580-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3374

Trust: 0.6

url:https://packetstormsecurity.com/files/165631/red-hat-security-advisory-2022-0202-04.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3499

Trust: 0.6

url:https://packetstormsecurity.com/files/164562/red-hat-security-advisory-2021-3925-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0716

Trust: 0.6

url:https://packetstormsecurity.com/files/164491/red-hat-security-advisory-2021-3810-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021101345

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5666

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2016-4658

Trust: 0.5

url:http://www.apple.com/ios/

Trust: 0.3

url:http://www.apple.com/accessibility/tvos/

Trust: 0.3

url:http://www.apple.com/watchos-2/

Trust: 0.3

url:http://www.apple.com/macosx/

Trust: 0.3

url:https://support.apple.com/en-us/ht201222

Trust: 0.3

url:https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099662

Trust: 0.3

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2016-4658

Trust: 0.3

url:https://bugzilla.redhat.com/):

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-16135

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3200

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-37750

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-5827

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-27645

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-33574

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-13435

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-5827

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24370

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43527

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-14145

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-13751

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-19603

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-14145

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-35942

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17594

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3572

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-12762

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-36086

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-13750

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-13751

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-22898

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-12762

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-16135

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-36084

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3800

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17594

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-36087

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3712

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3445

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19603

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-22925

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-18218

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20232

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20838

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-22876

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20231

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-14155

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20271

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-36085

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-33560

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17595

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-42574

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-28153

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-13750

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3426

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-18218

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3580

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17595

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-5131

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://github.com/tommarshall/nagios-check-bundle-audit

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=48972

Trust: 0.1

url:https://usn.ubuntu.com/3235-1/

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3810

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25013

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27823

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35522

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3733

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1870

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35524

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3575

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30758

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25013

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13558

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15389

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25009

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33938

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-5727

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33929

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-5785

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-41617

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30665

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-12973

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30689

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20847

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30682

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33928

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25014

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22946

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35521

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-18032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1801

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3778

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33930

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1765

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-26927

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20847

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-17541

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27918

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36331

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30749

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30795

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-5785

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1788

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31535

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-5727

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30744

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21775

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21806

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27814

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36330

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36241

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30797

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13558

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20266

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20321

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27842

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36332

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1799

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25010

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21779

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29623

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3948

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22947

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25014

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27828

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12973

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1844

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3481

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25009

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1871

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25010

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29338

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30734

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35523

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-26926

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28650

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24870

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3796

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1789

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30663

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30799

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3272

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0202

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15389

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27824

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.17

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-3ubuntu4.9

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-3235-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/libxml2/2.9.3+dfsg1-1ubuntu0.2

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4448

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/libxml2/2.9.4+dfsg1-2ubuntu0.1

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0580

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22876

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-33574

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-33560

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-40346

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27645

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20231

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24370

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-39241

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22898

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28153

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24348

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3200

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44790

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20232

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3521

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

sources: VULHUB: VHN-93477 // VULMON: CVE-2016-4658 // BID: 93054 // JVNDB: JVNDB-2016-004928 // PACKETSTORM: 164491 // PACKETSTORM: 165631 // PACKETSTORM: 141667 // PACKETSTORM: 166051 // PACKETSTORM: 140266 // CNNVD: CNNVD-201609-485 // NVD: CVE-2016-4658

CREDITS

MinSik Shin,YoungJin Yoon, Gergo Koteles, Sunghyun Park, Inc,and Taekyoung Kwon of Information Security Lab, Lufeng Li of Qihoo, Dawid Czagan of Silesia Security Lab, Rodger Combs of Plex, Brandon Azad, HoJae Han, Yonsei University, Marc Heuse of mh-sec

Trust: 0.6

sources: CNNVD: CNNVD-201609-485

SOURCES

db:VULHUBid:VHN-93477
db:VULMONid:CVE-2016-4658
db:BIDid:93054
db:JVNDBid:JVNDB-2016-004928
db:PACKETSTORMid:164491
db:PACKETSTORMid:165631
db:PACKETSTORMid:141667
db:PACKETSTORMid:166051
db:PACKETSTORMid:140266
db:CNNVDid:CNNVD-201609-485
db:NVDid:CVE-2016-4658

LAST UPDATE DATE

2024-11-07T20:20:24.968000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-93477date:2019-03-13T00:00:00
db:VULMONid:CVE-2016-4658date:2019-03-13T00:00:00
db:BIDid:93054date:2017-12-25T12:00:00
db:JVNDBid:JVNDB-2016-004928date:2016-09-29T00:00:00
db:CNNVDid:CNNVD-201609-485date:2023-06-30T00:00:00
db:NVDid:CVE-2016-4658date:2019-03-13T14:05:10.147

SOURCES RELEASE DATE

db:VULHUBid:VHN-93477date:2016-09-25T00:00:00
db:VULMONid:CVE-2016-4658date:2016-09-25T00:00:00
db:BIDid:93054date:2016-09-20T00:00:00
db:JVNDBid:JVNDB-2016-004928date:2016-09-29T00:00:00
db:PACKETSTORMid:164491date:2021-10-13T14:51:26
db:PACKETSTORMid:165631date:2022-01-20T17:48:29
db:PACKETSTORMid:141667date:2017-03-16T23:37:18
db:PACKETSTORMid:166051date:2022-02-18T16:37:39
db:PACKETSTORMid:140266date:2016-12-24T17:05:07
db:CNNVDid:CNNVD-201609-485date:2016-09-26T00:00:00
db:NVDid:CVE-2016-4658date:2016-09-25T10:59:02.343