CVE-2016-4669

EUVD-2016-5654
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
appleiphone_os
𝑥
< 10.1
applemac_os_x
𝑥
< 10.12.1
appletvos
𝑥
< 10.0.1
applewatchos
𝑥
< 3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/158874/Safari-Webkit-For-iOS-7.1.2-JIT-Optimization-Bug.html
http://www.securityfocus.com/bid/93849
http://www.securitytracker.com/id/1037086
https://support.apple.com/HT207269
https://support.apple.com/HT207270
https://support.apple.com/HT207271
https://support.apple.com/HT207275
https://www.exploit-db.com/exploits/40654/
http://packetstormsecurity.com/files/158874/Safari-Webkit-For-iOS-7.1.2-JIT-Optimization-Bug.html
http://www.securityfocus.com/bid/93849
http://www.securitytracker.com/id/1037086
https://support.apple.com/HT207269
https://support.apple.com/HT207270
https://support.apple.com/HT207271
https://support.apple.com/HT207275
https://www.exploit-db.com/exploits/40654/