PT-2016-6080 · Apple · Os X

Steven Seeley

·

Publicado

2016-07-20

·

Atualizado

2017-09-01

·

CVE-2016-4646

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.11.6
Description The issue concerns a mishandling of a size value in audio files, allowing remote attackers to obtain sensitive information or cause a denial of service through an out-of-bounds read. This can be achieved by using a crafted audio file.
Recommendations For Apple OS X versions prior to 10.11.6, update to version 10.11.6 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2016-4646
ZDI-16-439

Produtos afetados

Os X