Vulnerabilities > CVE-2016-4627 - NULL Pointer Dereference vulnerability in Apple Iphone OS, Tvos and Watchos
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Misc. |
NASL id | APPLETV_9_2_2.NASL |
description | According to its banner, the version of the remote Apple TV device is prior to 9.2.2. It is, therefore, affected by multiple vulnerabilities in the following components : - CoreGraphics - ImageIO - IOAcceleratorFamily - IOHIDFamily - Kernel - libxml2 - libxslt - Sandbox Profiles - WebKit - WebKit Page Loading Note that only 4th generation models are affected by the vulnerabilities. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 92494 |
published | 2016-07-21 |
reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/92494 |
title | Apple TV < 9.2.2 Multiple Vulnerabilities |
References
- http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
- http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
- http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
- http://www.securityfocus.com/bid/91831
- http://www.securitytracker.com/id/1036344
- https://support.apple.com/HT206902
- https://support.apple.com/HT206904
- https://support.apple.com/HT206905