CVE-2016-4671

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.12.1

Description The issue involves the ImageIO component and allows remote attackers to execute arbitrary code or cause a denial of service via a crafted PDF file. This is due to an out-of-bounds write and application crash. The exploitation of this issue can lead to the execution of arbitrary code or a denial of service.

Recommendations For macOS versions prior to 10.12.1, update to version 10.12.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the ImageIO component when handling PDF files from untrusted sources until a patch is applied.