CVE-2016-4643

Published: Jan 11, 2019Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.

Affected (3)

Products: Apple: Apple Tv, Iphone Os, Mac Os

3 products

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Apple Apple Tv	Before 9.2.2
Apple Iphone Os	Before 9.3.3
Apple Mac Os	From 10.11.0 to 10.11.6

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

https://support.apple.com/HT206902

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT206903

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT206905

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT206902

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT206903

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT206905

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.