CVE-2016-1811

Published: May 20, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.

Affected (4)

Products: Apple: Watchos, Tvos, Iphone Os, Mac Os X

4 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Watchos	Before 2.2.1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Apple Tvos	Before 9.2.1

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 9.3.2

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Before 10.11.5

Related CWEs

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (20)

http://lists.apple.com/archives/security-announce/2016/May/msg00001.html

Source: product-security@apple.com

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2016/May/msg00002.html

Source: product-security@apple.com

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2016/May/msg00003.html

Source: product-security@apple.com

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2016/May/msg00004.html

Source: product-security@apple.com

Mailing ListVendor Advisory

http://www.securityfocus.com/bid/90694

Source: product-security@apple.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1035890

Source: product-security@apple.com

Third Party AdvisoryVDB Entry

https://support.apple.com/HT206564

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT206566

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT206567

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT206568

Source: product-security@apple.com

Vendor Advisory

http://lists.apple.com/archives/security-announce/2016/May/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2016/May/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2016/May/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2016/May/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListVendor Advisory

http://www.securityfocus.com/bid/90694

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1035890

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://support.apple.com/HT206564

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT206566

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT206567

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT206568

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.