|
265111
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4599
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265112
|
9.8 |
CRITICAL
Network
|
apple
|
mac_os_x
|
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4598
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265113
|
8.8 |
HIGH
Network
|
apple
|
mac_os_x
|
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerabilit…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4597
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265114
|
8.8 |
HIGH
Network
|
apple
|
mac_os_x
|
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerabilit…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4596
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265115
|
4.6 |
MEDIUM
Physics
|
apple
|
mac_os_x
|
Safari Login AutoFill in Apple OS X before 10.11.6 allows physically proximate attackers to discover passwords by reading the screen during the login procedure.
|
CWE-200
Information Exposure
|
CVE-2016-4595
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265116
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
tvos
mac_os_x
watchos
|
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an …
|
CWE-20
Improper Input Validation
|
CVE-2016-4594
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265117
|
2.4 |
LOW
Physics
|
apple
|
iphone_os
|
The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4593
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265118
|
6.5 |
MEDIUM
Network
|
apple
webkitgtk
|
webkit
webkitgtk\+
|
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-4592
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265119
|
7.5 |
HIGH
Network
|
apple
|
webkit
|
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-4591
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265120
|
5.4 |
MEDIUM
Network
|
apple
|
safari
webkit
|
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2016-4590
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
