CVE-2016-4608

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.
References
Link Resource
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Mailing List Vendor Advisory
http://www.securityfocus.com/bid/91826 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036348 Third Party Advisory VDB Entry
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
https://support.apple.com/HT206899 Vendor Advisory
https://support.apple.com/HT206901 Vendor Advisory
https://support.apple.com/HT206902 Vendor Advisory
https://support.apple.com/HT206903 Vendor Advisory
https://support.apple.com/HT206904 Vendor Advisory
https://support.apple.com/HT206905 Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html Mailing List Vendor Advisory
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Mailing List Vendor Advisory
http://www.securityfocus.com/bid/91826 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036348 Third Party Advisory VDB Entry
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
https://support.apple.com/HT206899 Vendor Advisory
https://support.apple.com/HT206901 Vendor Advisory
https://support.apple.com/HT206902 Vendor Advisory
https://support.apple.com/HT206903 Vendor Advisory
https://support.apple.com/HT206904 Vendor Advisory
https://support.apple.com/HT206905 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

History

21 Nov 2024, 02:52

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html - Mailing List, Vendor Advisory
References () http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html - Mailing List, Vendor Advisory () http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html - Mailing List, Vendor Advisory
References () http://www.securityfocus.com/bid/91826 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/91826 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1036348 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1036348 - Third Party Advisory, VDB Entry
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/ -
References () https://support.apple.com/HT206899 - Vendor Advisory () https://support.apple.com/HT206899 - Vendor Advisory
References () https://support.apple.com/HT206901 - Vendor Advisory () https://support.apple.com/HT206901 - Vendor Advisory
References () https://support.apple.com/HT206902 - Vendor Advisory () https://support.apple.com/HT206902 - Vendor Advisory
References () https://support.apple.com/HT206903 - Vendor Advisory () https://support.apple.com/HT206903 - Vendor Advisory
References () https://support.apple.com/HT206904 - Vendor Advisory () https://support.apple.com/HT206904 - Vendor Advisory
References () https://support.apple.com/HT206905 - Vendor Advisory () https://support.apple.com/HT206905 - Vendor Advisory

07 Nov 2023, 02:32

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/', 'name': 'FEDORA-2019-320d5295fc', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/ -

Information

Published : 2016-07-22 02:59

Updated : 2024-11-21 02:52


NVD link : CVE-2016-4608

Mitre link : CVE-2016-4608

CVE.ORG link : CVE-2016-4608


JSON object : View

Products Affected

apple

  • mac_os_x
  • icloud
  • watchos
  • itunes
  • iphone_os
  • tvos

microsoft

  • windows

fedoraproject

  • fedora

xmlsoft

  • libxslt
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer