Vulnerabilities > CVE-2016-1793 - Multiple Security vulnerability in Apple Mac OS X APPLE-SA-2016-05-16-4
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
Vulnerable Configurations
Exploit-Db
description | OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl. CVE-2016-1793. Dos exploit for osx platform |
file | exploits/osx/dos/39923.c |
id | EDB-ID:39923 |
last seen | 2016-06-11 |
modified | 2016-06-10 |
platform | osx |
port | |
published | 2016-06-10 |
reporter | Google Security Research |
source | https://www.exploit-db.com/download/39923/ |
title | OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl |
type | dos |
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_10_11_5.NASL |
description | The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.5. It is, therefore, affected by multiple vulnerabilities in the following components : - AMD - apache_mod_php - AppleGraphicsControl - AppleGraphicsPowerManagement - Assistant - ATS - Audio - Captive - CFNetwork - CommonCrypto - CoreCapture - CoreStorage - Crash - Disk - Disk - Driver - Drivers - Drivers - Graphics - Graphics - Graphics - ImageIO - Images - Intel - IOAcceleratorFamily - IOAudioFamily - IOFireWireFamily - IOHIDFamily - Kernel - libc - libxml2 - libxslt - Lock - MapKit - Messages - Multi-Touch - Network - NVIDIA - OpenGL - Proxies - QuickTime - Reporter - SceneKit - Screen - Tcl - Utility Note that successful exploitation of the most serious issues can result in arbitrary code execution. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 91228 |
published | 2016-05-19 |
reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/91228 |
title | Mac OS X 10.11.x < 10.11.5 Multiple Vulnerabilities |
code |
|
References
- http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
- http://packetstormsecurity.com/files/137401/OS-X-AppleGraphicsDeviceControl-NULL-Pointer-Dereference.html
- http://www.securityfocus.com/bid/90696
- http://www.securitytracker.com/id/1035895
- https://bugs.chromium.org/p/project-zero/issues/detail?id=782
- https://support.apple.com/HT206567
- https://www.exploit-db.com/exploits/39923/