var-201607-0360
Vulnerability from variot
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Array.slice. The issue lies in the failure to ensure that an array's length has not changed during processing of user-supplied arguments. An attacker can leverage this vulnerability to execute code within the context of the current process. Attackers can exploit these issues to execute arbitrary code, gain sensitive information or steal cookie-based authentication credentials and launch other attacks. Versions prior to iOS 9.3.3, tvOS 9.2.2 and Safari 9.1.2 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. =========================================================================== Ubuntu Security Notice USN-3079-1 September 14, 2016
webkit2gtk vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description: - webkit2gtk: JavaScript engine library from WebKitGTK+ - GObject introspection
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.12.5-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.12.5-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3079-1 CVE-2016-1854, CVE-2016-1856, CVE-2016-1857, CVE-2016-1858, CVE-2016-1859, CVE-2016-4583, CVE-2016-4585, CVE-2016-4586, CVE-2016-4588, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591, CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4651
Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.12.5-0ubuntu0.16.04.1
. This issue was addressed by disabling scripts and plugins on resources loaded over HTTP/0.9. (www.mbsd.jp)
Safari 9.1.2 may be obtained from the Mac App Store. ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2016-0005
Date reported : August 25, 2016 Advisory ID : WSA-2016-0005 Advisory URL : https://webkitgtk.org/security/WSA-2016-0005.html CVE identifiers : CVE-2016-4583, CVE-2016-4585, CVE-2016-4586, CVE-2016-4587, CVE-2016-4588, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591, CVE-2016-4592, CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4651.
Several vulnerabilities were discovered in WebKitGTK+.
CVE-2016-4583 Versions affected: WebKitGTK+ before 2.12.2. Credit to Roeland Krak.
CVE-2016-4585 Versions affected: WebKitGTK+ before 2.12.1. Credit to Takeshi Terada of Mitsui Bussan Secure Directions, Inc. (www.mbsd.jp).
CVE-2016-4586 Versions affected: WebKitGTK+ before 2.12.1. Credit to Apple.
CVE-2016-4587 Versions affected: WebKitGTK+ before 2.10.1. Credit to Apple.
CVE-2016-4588 Versions affected: WebKitGTK+ before 2.12.3. Credit to Apple.
CVE-2016-4589 Versions affected: WebKitGTK+ before 2.12.3. Credit to Tongbo Luo and Bo Qu of Palo Alto Networks.
CVE-2016-4590 Versions affected: WebKitGTK+ before 2.12.4. Credit to xisigr of Tencent's Xuanwu Lab (www.tencent.com).
CVE-2016-4591 Versions affected: WebKitGTK+ before 2.12.4. Credit to ma.la of LINE Corporation.
CVE-2016-4592 Versions affected: WebKitGTK+ before 2.10.5. Credit to Mikhail.
CVE-2016-4622 Versions affected: WebKitGTK+ before 2.12.4. Credit to Samuel Gross working with Trend Micro's Zero Day Initiative.
CVE-2016-4623 Versions affected: WebKitGTK+ before 2.12.0. Credit to Apple.
CVE-2016-4624 Versions affected: WebKitGTK+ before 2.12.4. Credit to Apple.
CVE-2016-4651 Versions affected: WebKitGTK+ before 2.12.0. Credit to Obscure.
We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases.
Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html
The WebKitGTK+ team, August 25, 2016
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-4 tvOS 9.2.2
tvOS 9.2.2 is now available and addresses the following:
CoreGraphics Available for: Apple TV (4th generation) Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
IOAcceleratorFamily Available for: Apple TV (4th generation) Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-2016-4627 : Ju Zhu of Trend Micro
IOHIDFamily Available for: Apple TV (4th generation) Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
Kernel Available for: Apple TV (4th generation) Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: Apple TV (4th generation) Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent, CESG
libxml2 Available for: Apple TV (4th generation) Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxml2 Available for: Apple TV (4th generation) Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxslt Available for: Apple TV (4th generation) Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Sandbox Profiles Available for: Apple TV (4th generation) Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4586 : Apple CVE-2016-4588 : Apple CVE-2016-4589 : Tongbo Luo and Bo Qu of Palo Alto Networks CVE-2016-4622 : Samuel Gross working with Trend Microas Zero Day Initiative CVE-2016-4623 : Apple CVE-2016-4624 : Apple
WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4587 : Apple
WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may compromise user information on the file system Description: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks. CVE-2016-4591 : ma.la of LINE Corporation
WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may disclose image data from another website Description: A timing issue existed in the processing of SVG. This issue was addressed through improved validation. This issue was addressed through improved URL validation on redirection. (www.mbsd.jp)
Installation note:
Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software.".
To check the current version of software, select "Settings -> General -> About".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXA+AAoJEIOj74w0bLRGi6IP/2DDPP2Z208nJPL0+a+bMJA4 JUIrF0BM4wyr1Hy/Vb2zN5RkAZYeHwq8Jq9av9qu79Xgan2jcgPRWKSAiztp0BMx kYPLi6PrpvWiWLHpqkWGnKVK1LmdBQXKrPsCmMJacKJ2TldBMofAiuh3QrjqZ7ud GVbTB4HkjX2FnpCt25DkUK5Y5oWP8lv4rvB+iTfO/kVGfSMfrTg1HGH3s49+UTHV GICBGi+L8yftmYaM10a5JjnOCRiIKXa95Kt1CTPrDxFSJG2QBmMBvSGV4qivyf6i buqAso81LVWnJBIKjj21usJqm6Q1lqtU5MTElfDq0w/uo7oxL/eWB4e8H0lm9Jow oD+ZepkO0SHQgwNWprMKrEbI/xow1CiYdxj/a8DYSuQicCjPZanQux04MurfmU5Q YEkzj+oxuzBherHAVwqleHEglDOy6CJx/UCVoxnf0Tcj9FQOTzQ+aUqYMXrM33Yu zhU4Eai/9PKLLuqQzhgXYqsSnHKu5ojzesunRo09D+Q1jjSyIXvhmUmCXBgDvcls MfSUjWJJxniqj+C8zFeHuFEbPU70urVmUH7rWSBsRCRhjzwYMAWpPejkT/XDs1qm SCTElHATr+BfvS0v1E5En2xNKXSodyJL1SaK9rHnkre+40+e0IJJbOQzbQH9MAcJ ylGAp0etGDWZ40Q5IyH8 =N/Ug -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0360",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": null,
"trust": 1.4,
"vendor": "apple",
"version": null
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "9.3.3"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "9.2.2"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "9.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "9.1.1"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.3.3 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.3.3 (iphone 4s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.3.3 (ipod touch first 5 after generation )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.1.2 (os x el capitan v10.11.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.1.2 (os x mavericks v10.9.5)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.1.2 (os x yosemite v10.10.5)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "9.2.2 (apple tv first 4 generation )"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "9.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "30"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.8"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.31"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "40"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.34"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "50"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.8"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.31"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.28"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.33"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.30"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.10"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.3"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "9.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"db": "BID",
"id": "91830"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
},
{
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:apple_tv",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samuel Gro\u00df",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
}
],
"trust": 1.4
},
"cve": "CVE-2016-4622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-4622",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4622",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 1.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-93441",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-4622",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-4622",
"trust": 1.4,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4622",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-4622",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201607-878",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-93441",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-4622",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"db": "VULHUB",
"id": "VHN-93441"
},
{
"db": "VULMON",
"id": "CVE-2016-4622"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
},
{
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Array.slice. The issue lies in the failure to ensure that an array\u0027s length has not changed during processing of user-supplied arguments. An attacker can leverage this vulnerability to execute code within the context of the current process. \nAttackers can exploit these issues to execute arbitrary code, gain sensitive information or steal cookie-based authentication credentials and launch other attacks. \nVersions prior to iOS 9.3.3, tvOS 9.2.2 and Safari 9.1.2 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. \n===========================================================================\nUbuntu Security Notice USN-3079-1\nSeptember 14, 2016\n\nwebkit2gtk vulnerabilities\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in WebKitGTK+. \n\nSoftware Description:\n- webkit2gtk: JavaScript engine library from WebKitGTK+ - GObject introspection\n\nDetails:\n\nA large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libjavascriptcoregtk-4.0-18 2.12.5-0ubuntu0.16.04.1\n libwebkit2gtk-4.0-37 2.12.5-0ubuntu0.16.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any applications\nthat use WebKitGTK+, such as Epiphany, to make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-3079-1\n CVE-2016-1854, CVE-2016-1856, CVE-2016-1857, CVE-2016-1858,\n CVE-2016-1859, CVE-2016-4583, CVE-2016-4585, CVE-2016-4586,\n CVE-2016-4588, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591,\n CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4651\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.12.5-0ubuntu0.16.04.1\n\n\n\n. This issue was addressed by disabling\nscripts and plugins on resources loaded over HTTP/0.9. (www.mbsd.jp)\n\nSafari 9.1.2 may be obtained from the Mac App Store. ------------------------------------------------------------------------\nWebKitGTK+ Security Advisory WSA-2016-0005\n------------------------------------------------------------------------\n\nDate reported : August 25, 2016\nAdvisory ID : WSA-2016-0005\nAdvisory URL : https://webkitgtk.org/security/WSA-2016-0005.html\nCVE identifiers : CVE-2016-4583, CVE-2016-4585, CVE-2016-4586,\n CVE-2016-4587, CVE-2016-4588, CVE-2016-4589,\n CVE-2016-4590, CVE-2016-4591, CVE-2016-4592,\n CVE-2016-4622, CVE-2016-4623, CVE-2016-4624,\n CVE-2016-4651. \n\nSeveral vulnerabilities were discovered in WebKitGTK+. \n\nCVE-2016-4583\n Versions affected: WebKitGTK+ before 2.12.2. \n Credit to Roeland Krak. \n\nCVE-2016-4585\n Versions affected: WebKitGTK+ before 2.12.1. \n Credit to Takeshi Terada of Mitsui Bussan Secure Directions, Inc. \n (www.mbsd.jp). \n\nCVE-2016-4586\n Versions affected: WebKitGTK+ before 2.12.1. \n Credit to Apple. \n\nCVE-2016-4587\n Versions affected: WebKitGTK+ before 2.10.1. \n Credit to Apple. \n\nCVE-2016-4588\n Versions affected: WebKitGTK+ before 2.12.3. \n Credit to Apple. \n\nCVE-2016-4589\n Versions affected: WebKitGTK+ before 2.12.3. \n Credit to Tongbo Luo and Bo Qu of Palo Alto Networks. \n\nCVE-2016-4590\n Versions affected: WebKitGTK+ before 2.12.4. \n Credit to xisigr of Tencent\u0027s Xuanwu Lab (www.tencent.com). \n\nCVE-2016-4591\n Versions affected: WebKitGTK+ before 2.12.4. \n Credit to ma.la of LINE Corporation. \n\nCVE-2016-4592\n Versions affected: WebKitGTK+ before 2.10.5. \n Credit to Mikhail. \n\nCVE-2016-4622\n Versions affected: WebKitGTK+ before 2.12.4. \n Credit to Samuel Gross working with Trend Micro\u0027s Zero Day\n Initiative. \n\nCVE-2016-4623\n Versions affected: WebKitGTK+ before 2.12.0. \n Credit to Apple. \n\nCVE-2016-4624\n Versions affected: WebKitGTK+ before 2.12.4. \n Credit to Apple. \n\nCVE-2016-4651\n Versions affected: WebKitGTK+ before 2.12.0. \n Credit to Obscure. \n\n\nWe recommend updating to the last stable version of WebKitGTK+. It is\nthe best way of ensuring that you are running a safe version of\nWebKitGTK+. Please check our website for information about the last\nstable releases. \n\nFurther information about WebKitGTK+ Security Advisories can be found\nat: https://webkitgtk.org/security.html\n\nThe WebKitGTK+ team,\nAugust 25, 2016\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-4 tvOS 9.2.2\n\ntvOS 9.2.2 is now available and addresses the following:\n\nCoreGraphics\nAvailable for: Apple TV (4th generation)\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nIOAcceleratorFamily\nAvailable for: Apple TV (4th generation)\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved validation. \nCVE-2016-4627 : Ju Zhu of Trend Micro\n\nIOHIDFamily\nAvailable for: Apple TV (4th generation)\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nKernel\nAvailable for: Apple TV (4th generation)\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: Apple TV (4th generation)\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : Marco Grassi (@marcograss) of KeenLab (@keen_lab),\nTencent, CESG\n\nlibxml2\nAvailable for: Apple TV (4th generation)\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxml2\nAvailable for: Apple TV (4th generation)\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxslt\nAvailable for: Apple TV (4th generation)\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nSandbox Profiles\nAvailable for: Apple TV (4th generation)\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4586 : Apple\nCVE-2016-4588 : Apple\nCVE-2016-4589 : Tongbo Luo and Bo Qu of Palo Alto Networks\nCVE-2016-4622 : Samuel Gross working with Trend Microas Zero Day\nInitiative\nCVE-2016-4623 : Apple\nCVE-2016-4624 : Apple\n\nWebKit\nAvailable for: Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may result in the\ndisclosure of process memory\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4587 : Apple\n\nWebKit\nAvailable for: Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may compromise user\ninformation on the file system\nDescription: A permissions issue existed in the handling of the\nlocation variable. This was addressed though additional ownership\nchecks. \nCVE-2016-4591 : ma.la of LINE Corporation\n\nWebKit\nAvailable for: Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may disclose image data from\nanother website\nDescription: A timing issue existed in the processing of SVG. This\nissue was addressed through improved validation. This issue was addressed through improved URL validation\non redirection. (www.mbsd.jp)\n\nInstallation note:\n\nApple TV will periodically check for software updates. Alternatively,\nyou may manually check for software updates by selecting\n\"Settings -\u003e System -\u003e Software Update -\u003e Update Software.\". \n\nTo check the current version of software, select\n\"Settings -\u003e General -\u003e About\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXA+AAoJEIOj74w0bLRGi6IP/2DDPP2Z208nJPL0+a+bMJA4\nJUIrF0BM4wyr1Hy/Vb2zN5RkAZYeHwq8Jq9av9qu79Xgan2jcgPRWKSAiztp0BMx\nkYPLi6PrpvWiWLHpqkWGnKVK1LmdBQXKrPsCmMJacKJ2TldBMofAiuh3QrjqZ7ud\nGVbTB4HkjX2FnpCt25DkUK5Y5oWP8lv4rvB+iTfO/kVGfSMfrTg1HGH3s49+UTHV\nGICBGi+L8yftmYaM10a5JjnOCRiIKXa95Kt1CTPrDxFSJG2QBmMBvSGV4qivyf6i\nbuqAso81LVWnJBIKjj21usJqm6Q1lqtU5MTElfDq0w/uo7oxL/eWB4e8H0lm9Jow\noD+ZepkO0SHQgwNWprMKrEbI/xow1CiYdxj/a8DYSuQicCjPZanQux04MurfmU5Q\nYEkzj+oxuzBherHAVwqleHEglDOy6CJx/UCVoxnf0Tcj9FQOTzQ+aUqYMXrM33Yu\nzhU4Eai/9PKLLuqQzhgXYqsSnHKu5ojzesunRo09D+Q1jjSyIXvhmUmCXBgDvcls\nMfSUjWJJxniqj+C8zFeHuFEbPU70urVmUH7rWSBsRCRhjzwYMAWpPejkT/XDs1qm\nSCTElHATr+BfvS0v1E5En2xNKXSodyJL1SaK9rHnkre+40+e0IJJbOQzbQH9MAcJ\nylGAp0etGDWZ40Q5IyH8\n=N/Ug\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4622"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"db": "BID",
"id": "91830"
},
{
"db": "VULHUB",
"id": "VHN-93441"
},
{
"db": "VULMON",
"id": "CVE-2016-4622"
},
{
"db": "PACKETSTORM",
"id": "138715"
},
{
"db": "PACKETSTORM",
"id": "137962"
},
{
"db": "PACKETSTORM",
"id": "138502"
},
{
"db": "PACKETSTORM",
"id": "137961"
}
],
"trust": 3.69
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4622",
"trust": 4.7
},
{
"db": "ZDI",
"id": "ZDI-16-486",
"trust": 2.7
},
{
"db": "ZDI",
"id": "ZDI-16-485",
"trust": 2.7
},
{
"db": "BID",
"id": "91830",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "138502",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036343",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU94844193",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3674",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3673",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93441",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-4622",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138715",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137962",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137961",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"db": "VULHUB",
"id": "VHN-93441"
},
{
"db": "VULMON",
"id": "CVE-2016-4622"
},
{
"db": "BID",
"id": "91830"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "PACKETSTORM",
"id": "138715"
},
{
"db": "PACKETSTORM",
"id": "137962"
},
{
"db": "PACKETSTORM",
"id": "138502"
},
{
"db": "PACKETSTORM",
"id": "137961"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
},
{
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"id": "VAR-201607-0360",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93441"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:59:34.804000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT206900",
"trust": 2.2,
"url": "https://support.apple.com/en-us/HT206900"
},
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "APPLE-SA-2016-07-18-2 iOS 9.3.3",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
},
{
"title": "APPLE-SA-2016-07-18-5 Safari 9.1.2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html"
},
{
"title": "APPLE-SA-2016-07-18-4 tvOS 9.2.2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"
},
{
"title": "HT206902",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT206902"
},
{
"title": "HT206905",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT206905"
},
{
"title": "HT206900",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT206900"
},
{
"title": "HT206902",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT206902"
},
{
"title": "HT206905",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT206905"
},
{
"title": "Multiple Apple Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63238"
},
{
"title": "Apple: Safari 9.1.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=d5a3a8422442aa83522aee3193a3725a"
},
{
"title": "Ubuntu Security Notice: webkit2gtk vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3079-1"
},
{
"title": "Apple: tvOS 9.2.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9cb2b3a54d5cecfa5af6c947e8d6031c"
},
{
"title": "Apple: iOS 9.3.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=d61ee6bed9ca45acb3a9ebce2f29da36"
},
{
"title": "WebKit-CVE-2016-4622",
"trust": 0.1,
"url": "https://github.com/hdbreaker/WebKit-CVE-2016-4622 "
},
{
"title": "jscpwn",
"trust": 0.1,
"url": "https://github.com/saelo/jscpwn "
},
{
"title": "demystifying-js-engines",
"trust": 0.1,
"url": "https://github.com/a0viedo/demystifying-js-engines "
},
{
"title": "Browser",
"trust": 0.1,
"url": "https://github.com/7o8v/Browser "
},
{
"title": "awesome-web-security",
"trust": 0.1,
"url": "https://github.com/paramint/awesome-web-security "
},
{
"title": "qazbnm456-awesome-web-security",
"trust": 0.1,
"url": "https://github.com/mishmashclone/qazbnm456-awesome-web-security "
},
{
"title": "awesome-web-security",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-web-security "
},
{
"title": "Browser-Security-Information",
"trust": 0.1,
"url": "https://github.com/whiteHat001/Browser-Security-Information "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"db": "VULMON",
"id": "CVE-2016-4622"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93441"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00003.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00004.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91830"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/539295/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206900"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206902"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206905"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/138502/webkitgtk-sop-bypass-information-disclosure.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-485"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-486"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1036343"
},
{
"trust": 1.4,
"url": "https://support.apple.com/en-us/ht206900"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4622"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94844193/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4622"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4586"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4591"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4583"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4589"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4622"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4585"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/accessibility/tvos/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipad/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/iphone/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ipodtouch/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-485/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-486/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4623"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4651"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4590"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4624"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4588"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4592"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4587"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4584"
},
{
"trust": 0.2,
"url": "https://gpgtools.org"
},
{
"trust": 0.2,
"url": "https://www.mbsd.jp)"
},
{
"trust": 0.2,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.2,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-3079-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1856"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.12.5-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1859"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1857"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1858"
},
{
"trust": 0.1,
"url": "https://www.tencent.com)"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2016-0005.html"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security.html"
},
{
"trust": 0.1,
"url": "https://www.mbsd.jp)."
},
{
"trust": 0.1,
"url": "https://www.tencent.com)."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4616"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4609"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4610"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4608"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"db": "VULHUB",
"id": "VHN-93441"
},
{
"db": "BID",
"id": "91830"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "PACKETSTORM",
"id": "138715"
},
{
"db": "PACKETSTORM",
"id": "137962"
},
{
"db": "PACKETSTORM",
"id": "138502"
},
{
"db": "PACKETSTORM",
"id": "137961"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
},
{
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"db": "VULHUB",
"id": "VHN-93441"
},
{
"db": "VULMON",
"id": "CVE-2016-4622"
},
{
"db": "BID",
"id": "91830"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"db": "PACKETSTORM",
"id": "138715"
},
{
"db": "PACKETSTORM",
"id": "137962"
},
{
"db": "PACKETSTORM",
"id": "138502"
},
{
"db": "PACKETSTORM",
"id": "137961"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
},
{
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"date": "2016-08-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"date": "2016-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-93441"
},
{
"date": "2016-07-22T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4622"
},
{
"date": "2016-07-18T00:00:00",
"db": "BID",
"id": "91830"
},
{
"date": "2016-07-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"date": "2016-09-14T16:52:04",
"db": "PACKETSTORM",
"id": "138715"
},
{
"date": "2016-07-19T20:05:55",
"db": "PACKETSTORM",
"id": "137962"
},
{
"date": "2016-08-25T04:44:44",
"db": "PACKETSTORM",
"id": "138502"
},
{
"date": "2016-07-19T20:04:09",
"db": "PACKETSTORM",
"id": "137961"
},
{
"date": "2016-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-878"
},
{
"date": "2016-07-22T02:59:42.007000",
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-486"
},
{
"date": "2016-08-18T00:00:00",
"db": "ZDI",
"id": "ZDI-16-485"
},
{
"date": "2019-03-25T00:00:00",
"db": "VULHUB",
"id": "VHN-93441"
},
{
"date": "2019-03-25T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4622"
},
{
"date": "2016-07-18T00:00:00",
"db": "BID",
"id": "91830"
},
{
"date": "2016-07-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004063"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-878"
},
{
"date": "2024-11-21T02:52:38.327000",
"db": "NVD",
"id": "CVE-2016-4622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138715"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Product etc. WebKit Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004063"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-878"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…