ID CVE-2016-1756
Summary The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
References
Vulnerable Configurations
  • Apple Mac OS X 10.11.3
    cpe:2.3:o:apple:mac_os_x:10.11.3
  • Apple iPhone OS 9.2.1
    cpe:2.3:o:apple:iphone_os:9.2.1
CVSS
Base: 9.3 (as of 24-03-2016 - 17:08)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family MacOS X Local Security Checks
NASL id MACOSX_10_11_4.NASL
description The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.4. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppleRAID - AppleUSBNetworking - Bluetooth - Carbon - dyld - FontParser - HTTPProtocol - Intel Graphics Driver - IOFireWireFamily - IOGraphics - IOHIDFamily - IOUSBFamily - Kernel - libxml2 - Messages - NVIDIA Graphics Drivers - OpenSSH - OpenSSL - Python - QuickTime - Reminders - Ruby - Security - Tcl - TrueTypeScaler - Wi-Fi Note that successful exploitation of the most serious issues can result in arbitrary code execution.
last seen 2018-09-01
modified 2018-07-14
plugin id 90096
published 2016-03-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=90096
title Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities
refmap via4
apple
  • APPLE-SA-2016-03-21-1
  • APPLE-SA-2016-03-21-5
confirm
sectrack 1035353
Last major update 02-12-2016 - 22:22
Published 23-03-2016 - 21:59
Back to Top