Memory Corruption Vulnerability in Apple Products
CVE-2016-4607

9.8CRITICAL

Key Information:

Vendor

Xmlsoft

Status
Libxslt
Vendor
CVE Published:
22 July 2016

What is CVE-2016-4607?

The memory corruption vulnerability in libxslt affects multiple Apple products including iOS, OS X, iTunes, iCloud, tvOS, and watchOS. This flaw allows remote attackers to exploit the affected systems, potentially leading to denial of service or unforeseen impacts through unrecognized vectors. Users running outdated versions of these applications are at risk and should consider updating to the latest patches for protection.

References

http://lists.apple.com/archives/security-announce/2016/Ju...
vendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2016/Ju...
vendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2016/Ju...
vendor-advisoryx_refsource_APPLE

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.