Vulnerabilities > CVE-2016-4772 - Resource Management Errors vulnerability in Apple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family MacOS X Local Security Checks NASL id MACOS_10_12.NASL description The remote host is running a version of Mac OS X that is prior to 10.10.5, 10.11.x prior to 10.11.6, or is not macOS 10.12. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - apache_mod_php - Apple HSSPI Support - AppleEFIRuntime - AppleMobileFileIntegrity - AppleUCC - Application Firewall - ATS - Audio - Bluetooth - cd9660 - CFNetwork - CommonCrypto - CoreCrypto - CoreDisplay - curl - Date & Time Pref Pane - DiskArbitration - File Bookmark - FontParser - IDS - Connectivity - ImageIO - Intel Graphics Driver - IOAcceleratorFamily - IOThunderboltFamily - Kerberos v5 PAM module - Kernel - libarchive - libxml2 - libxpc - libxslt - mDNSResponder - NSSecureTextField - Perl - S2 Camera - Security - Terminal - WindowServer Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 93685 published 2016-09-23 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93685 title macOS < 10.12 Multiple Vulnerabilities NASL family Misc. NASL id APPLETV_10.NASL description According to its banner, the version of Apple TV on the remote device is prior to 10. It is, therefore, affected by multiple vulnerabilities in the following components : - Audio - CFNetwork - CoreCrypto - FontParser - IOAcceleratorFamily - Kernel - libxml2 - libxslt - Security - WebKit Note that only 4th generation models are affected by these vulnerabilities. last seen 2020-06-01 modified 2020-06-02 plugin id 93776 published 2016-09-28 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93776 title Apple TV < 10 Multiple Vulnerabilities
References
- http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
- http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
- http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
- http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
- http://www.securityfocus.com/bid/93054
- http://www.securitytracker.com/id/1036858
- https://support.apple.com/HT207141
- https://support.apple.com/HT207142
- https://support.apple.com/HT207143
- https://support.apple.com/HT207170