ID

VAR-201609-0270


CVE

CVE-2016-4705


TITLE

Apple Xcode of otool Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2016-004770

DESCRIPTION

otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. otool is one of the decompilation tools for Mac OS X applications. A security vulnerability exists in otool in versions prior to Apple Xcode 8. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-13-2 Xcode 8 Xcode 8 is now available and addresses the following: otool Available for: OS X El Capitan 10.11.5 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4704 : Shrek_wzw of Qihoo 360 Nirvan Team CVE-2016-4705 : riusksk of Tencent Security Platform Department Xcode 8.0 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "8". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJX2FJ8AAoJEIOj74w0bLRG7DcP/2hIkiXK3p/OlMlfRM9kWds/ AOfwzvh5uuH67CECt8uOPVh3VL9r/pPHBKez8xBtCBFdJMe5MXHsvjM6sFfS09hk h0ivVexk0Ofd22jo6hq/LViNaJb/3TmQ97j+Wz0SI6sBz7ksbE/okwmoGdqqwOe4 EJeuUXmciM94qlk42qHtXIhJGw04OItI9utkjA7dNag5v8n+UpgVMLZKmuAV2RfX 3XrVFSfN7CIKxef+4fl9L38wMP86qeuYIVS5mdbmA0hFC6Gk6gy/4b7QpqhII8SI DD93Px9v8pvdW/tLzrkAgz4qzhk2FvPMhUgl+QanVmQfFmCEplHLMGge2Fd4T8vL 3EiC2TRFJhyRMUKY3Exupi6iLWpPY4Ax5TE0O98Y7KnS5S3YttoYZJ3R7v/1M3n6 GIYLIzSnJ1KJ37JYMFRPH19PF4bwWyuSsYTY69ocQJvt4yrRSqm54iHKybzvJm5V JnDY5fAipMwHhqyLRJeNsM0z5RnXlXvMElnL8e57ZcCO9YG0PmbAKe0o85bmiLIU uiI0/9EgwVsjxbH+v0iNaBeYfHQeCVTKvC/Z4/kIqZDNBiek8hUP1uBlbQNO5ia8 hWgbHCvLyLWjOgq2tqDYvlqA3Q9o1oZG1JaM1khh4JQ48dwPKXrLa7Z1+UD4gaPu UQtBYqyCpohYmzRIfkZo =SRht -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2016-4705 // JVNDB: JVNDB-2016-004770 // BID: 92931 // VULHUB: VHN-93524 // PACKETSTORM: 138738

AFFECTED PRODUCTS

vendor:applemodel:xcodescope:lteversion:7.3.1

Trust: 1.0

vendor:applemodel:xcodescope:eqversion:7.3.1

Trust: 0.9

vendor:applemodel:xcodescope:ltversion:8 (os x el capitan v10.11.5 or later )

Trust: 0.8

vendor:applemodel:xcodescope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:2.4.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:7.3

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:7.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:7.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:7.0

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:6.3

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:6.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:6.0

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:5.0

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.4

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.3.3

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.3

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.1.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.2.5

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.2.4

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.2.3

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.1.4

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.1.3

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:3.0

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:2.3

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:2.2

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:2.1

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:2.0

Trust: 0.3

vendor:applemodel:xcodescope:eqversion:1.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.5

Trust: 0.3

vendor:applemodel:xcodescope:neversion:8

Trust: 0.3

sources: BID: 92931 // JVNDB: JVNDB-2016-004770 // CNNVD: CNNVD-201609-265 // NVD: CVE-2016-4705

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4705
value: HIGH

Trust: 1.0

NVD: CVE-2016-4705
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201609-265
value: HIGH

Trust: 0.6

VULHUB: VHN-93524
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-4705
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93524
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4705
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93524 // JVNDB: JVNDB-2016-004770 // CNNVD: CNNVD-201609-265 // NVD: CVE-2016-4705

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-93524 // JVNDB: JVNDB-2016-004770 // NVD: CVE-2016-4705

THREAT TYPE

local

Trust: 0.9

sources: BID: 92931 // CNNVD: CNNVD-201609-265

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201609-265

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004770

PATCH

title:Apple security updatesurl:https://support.apple.com/en-us/HT201222

Trust: 0.8

title:APPLE-SA-2016-09-13-2 Xcode 8url:http://lists.apple.com/archives/security-announce/2016/Sep/msg00003.html

Trust: 0.8

title:HT207140url:https://support.apple.com/en-us/HT207140

Trust: 0.8

title:HT207140url:https://support.apple.com/ja-jp/HT207140

Trust: 0.8

title:Apple Xcode otool Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64074

Trust: 0.6

sources: JVNDB: JVNDB-2016-004770 // CNNVD: CNNVD-201609-265

EXTERNAL IDS

db:NVDid:CVE-2016-4705

Trust: 2.9

db:BIDid:92931

Trust: 2.0

db:SECTRACKid:1036787

Trust: 1.1

db:JVNid:JVNVU93841436

Trust: 0.8

db:JVNDBid:JVNDB-2016-004770

Trust: 0.8

db:CNNVDid:CNNVD-201609-265

Trust: 0.7

db:VULHUBid:VHN-93524

Trust: 0.1

db:PACKETSTORMid:138738

Trust: 0.1

sources: VULHUB: VHN-93524 // BID: 92931 // JVNDB: JVNDB-2016-004770 // PACKETSTORM: 138738 // CNNVD: CNNVD-201609-265 // NVD: CVE-2016-4705

REFERENCES

url:http://lists.apple.com/archives/security-announce/2016/sep/msg00003.html

Trust: 1.7

url:http://www.securityfocus.com/bid/92931

Trust: 1.7

url:https://support.apple.com/ht207140

Trust: 1.7

url:http://www.securitytracker.com/id/1036787

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4705

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93841436/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4705

Trust: 0.8

url:http://www.apple.com/macosx/

Trust: 0.3

url:https://developer.apple.com/xcode/

Trust: 0.3

url:https://support.apple.com/en-in/ht207140

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-4704

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4705

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://gpgtools.org

Trust: 0.1

url:https://developer.apple.com/xcode/downloads/

Trust: 0.1

url:https://support.apple.com/kb/ht1222

Trust: 0.1

sources: VULHUB: VHN-93524 // BID: 92931 // JVNDB: JVNDB-2016-004770 // PACKETSTORM: 138738 // CNNVD: CNNVD-201609-265 // NVD: CVE-2016-4705

CREDITS

Shrek_wzw of Qihoo 360 Nirvan Team and riusksk of Tencent Security Platform Department.

Trust: 0.9

sources: BID: 92931 // CNNVD: CNNVD-201609-265

SOURCES

db:VULHUBid:VHN-93524
db:BIDid:92931
db:JVNDBid:JVNDB-2016-004770
db:PACKETSTORMid:138738
db:CNNVDid:CNNVD-201609-265
db:NVDid:CVE-2016-4705

LAST UPDATE DATE

2024-08-14T12:18:50.141000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-93524date:2017-08-13T00:00:00
db:BIDid:92931date:2016-09-14T18:00:00
db:JVNDBid:JVNDB-2016-004770date:2016-09-20T00:00:00
db:CNNVDid:CNNVD-201609-265date:2016-09-19T00:00:00
db:NVDid:CVE-2016-4705date:2017-08-13T01:29:11.787

SOURCES RELEASE DATE

db:VULHUBid:VHN-93524date:2016-09-18T00:00:00
db:BIDid:92931date:2016-09-13T00:00:00
db:JVNDBid:JVNDB-2016-004770date:2016-09-20T00:00:00
db:PACKETSTORMid:138738date:2016-09-14T18:32:22
db:CNNVDid:CNNVD-201609-265date:2016-09-14T00:00:00
db:NVDid:CVE-2016-4705date:2016-09-18T22:59:03.437