CVE-2016-1794

Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.11.5

Description The issue is related to the AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl, which allows attackers to execute arbitrary code in a privileged context or cause a denial of service via a crafted app. This is due to errors in pointer dereferencing. Exploitation of the issue can enable a remote attacker to execute arbitrary code in a privileged context or cause a denial of service.

Recommendations For versions prior to 10.11.5, update to version 10.11.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the AppleGraphicsControl component to minimize the risk of exploitation.