PT-2017-1322 · Apple · Apple Macos

Ke Liu

Publicado

2017-02-20

Atualizado

2017-07-29

CVE-2016-4682

CVSS v3.1

7.1

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.12.1

Description The issue involves the ImageIO component and is related to an out-of-bounds read error in memory. It allows remote attackers to obtain sensitive information or cause a denial of service, such as application crash, via a crafted SGI file.

Recommendations For macOS versions prior to 10.12.1, update to version 10.12.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted SGI files to minimize the risk of exploitation.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

BDU:2017-00447

CVE-2016-4682

Produtos afetados

Apple Macos

PT-2017-1322 · Apple · Apple Macos

CVE-2016-4682

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7