Уязвимость повреждения памяти в libxslt в различных продуктах Apple
Описание
Уязвимость в libxslt позволяет злоумышленнику организовать DoS атаку через повреждение памяти или, возможно, осуществить иное воздействие, используя неизвестные векторы. Эта уязвимость отличается от CVE-2016-4607, CVE-2016-4608, CVE-2016-4609 и CVE-2016-4612.
Затронутые версии ПО
- Apple iOS до версии 9.3.3
- OS X до версии 10.11.6
- iTunes для Windows до версии 12.4.2
- iCloud для Windows до версии 5.2.1
- tvOS до версии 9.2.2
- watchOS до версии 2.2.2
Тип уязвимости
- DoS атака
- Повреждение памяти
Ссылки
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
Уязвимые конфигурации
Одновременно
Одно из
Одновременно
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2