Vulnerabilities > CVE-2016-4627 - NULL Pointer Dereference vulnerability in Apple Iphone OS, Tvos and Watchos

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
apple
CWE-476
nessus

Summary

IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

Vulnerable Configurations

Part Description Count
OS
Apple
195

Common Weakness Enumeration (CWE)

Nessus

NASL familyMisc.
NASL idAPPLETV_9_2_2.NASL
descriptionAccording to its banner, the version of the remote Apple TV device is prior to 9.2.2. It is, therefore, affected by multiple vulnerabilities in the following components : - CoreGraphics - ImageIO - IOAcceleratorFamily - IOHIDFamily - Kernel - libxml2 - libxslt - Sandbox Profiles - WebKit - WebKit Page Loading Note that only 4th generation models are affected by the vulnerabilities.
last seen2020-06-01
modified2020-06-02
plugin id92494
published2016-07-21
reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/92494
titleApple TV < 9.2.2 Multiple Vulnerabilities