CVE-2016-4637

Name of the Vulnerable Software and Affected Versions CoreGraphics in Apple iOS versions prior to 9.3.3 CoreGraphics in Apple OS X versions prior to 10.11.6 CoreGraphics in Apple tvOS versions prior to 9.2.2 CoreGraphics in Apple watchOS versions prior to 2.2.2

Description The issue is caused by a buffer overflow in the CoreGraphics component of Mac OS X and iOS operating systems. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption) using a specially crafted BMP image.

Recommendations For iOS versions prior to 9.3.3, update to version 9.3.3 or later to resolve the issue. For OS X versions prior to 10.11.6, update to version 10.11.6 or later to resolve the issue. For tvOS versions prior to 9.2.2, update to version 9.2.2 or later to resolve the issue. For watchOS versions prior to 2.2.2, update to version 2.2.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted BMP images until a patch is available.