7.2
HIGH

CVE-2016-1719

Published: 01/02/2016 Updated: 08/03/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

Vulnerability Summary

The IOHIDFamily API in Apple iOS prior to 9.2.1, OS X prior to 10.11.3, and tvOS prior to 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Complexity: LOW
Authentication: NONE
Access Vector: LOCAL
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Affected Products

Vendor Product Versions
AppleIphone Os9.2
AppleMac Os X10.11.2
AppleTvos9.1
AppleWatchos2.1

Vendor Advisories

OS X El Capitan 10113 and Security Update 2016-001 AppleGraphicsPowerManagement Available for: OS X El Capitan v1011 to v10112 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling CVE-ID CVE-2016-1716 : moony li of Trend Micro an ...
tvOS 911 Disk Images Available for: Apple TV (4th generation) Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images This issue was addressed through improved memory handling CVE-ID CVE-2016-1717 : Frank Graziano of Yahoo! Pentest Team IOH ...
watchOS 22 Disk Images Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images This issue was addressed through improved memory handling CVE-ID CVE-201 ...
iOS 921 Disk Images Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images This issue was addressed through improved memory handling CVE-ID CVE-2016-1 ...

Exploits

Source: codegooglecom/p/google-security-research/issues/detail?id=607 Panic log attached OS X advisory: supportapplecom/en-us/HT205731 iOS advisory: supportapplecom/en-us/HT205732 Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39360zip ...
Source: codegooglecom/p/google-security-research/issues/detail?id=606 Panic log attached OS X advisory: supportapplecom/en-us/HT205731 iOS advisory: supportapplecom/en-us/HT205732 Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39361zip ...
Source: codegooglecom/p/google-security-research/issues/detail?id=604 Panic log attached OS X advisory: supportapplecom/en-us/HT205731 iOS advisory: supportapplecom/en-us/HT205732 Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39363zip ...
Source: codegooglecom/p/google-security-research/issues/detail?id=608 Panic log attached OS X advisory: supportapplecom/en-us/HT205731 iOS advisory: supportapplecom/en-us/HT205732 Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39359zip ...
Source: codegooglecom/p/google-security-research/issues/detail?id=605 Panic log attached OS X advisory: supportapplecom/en-us/HT205731 iOS advisory: supportapplecom/en-us/HT205732 Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39362zip ...
Source: codegooglecom/p/google-security-research/issues/detail?id=603 Panic log attached OS X advisory: supportapplecom/en-us/HT205731 iOS advisory: supportapplecom/en-us/HT205732 Proof of Concept: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39364zip ...

References

CWE-119http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2016/Jan/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2016/Jan/msg00005.htmlhttp://lists.apple.com/archives/security-announce/2016/Mar/msg00001.htmlhttp://packetstormsecurity.com/files/135438/iOS-Kernel-IOReportHub-Use-After-Free.htmlhttp://packetstormsecurity.com/files/135439/iOS-Kernel-IOHIDEventService-Use-After-Free.htmlhttp://packetstormsecurity.com/files/135440/iOS-Kernel-AppleOscarCMA-Use-After-Free.htmlhttp://packetstormsecurity.com/files/135441/iOS-Kernel-AppleOscarCompass-Use-After-Free.htmlhttp://packetstormsecurity.com/files/135442/iOS-Kernel-AppleOscarAccelerometer-Use-After-Free.htmlhttp://packetstormsecurity.com/files/135443/iOS-Kernel-AppleOscarGyro-Use-After-Free.htmlhttp://www.securitytracker.com/id/1034736https://code.google.com/p/google-security-research/issues/detail?id=603https://code.google.com/p/google-security-research/issues/detail?id=604https://code.google.com/p/google-security-research/issues/detail?id=605https://code.google.com/p/google-security-research/issues/detail?id=606https://code.google.com/p/google-security-research/issues/detail?id=607https://code.google.com/p/google-security-research/issues/detail?id=608https://support.apple.com/HT205729https://support.apple.com/HT205731https://support.apple.com/HT205732https://support.apple.com/HT206168https://www.exploit-db.com/exploits/39359/https://www.exploit-db.com/exploits/39360/https://www.exploit-db.com/exploits/39361/https://www.exploit-db.com/exploits/39362/https://www.exploit-db.com/exploits/39363/https://www.exploit-db.com/exploits/39364/https://www.rapid7.com/db/vulnerabilities/apple-osx-iohidfamily-cve-2016-1719https://www.exploit-db.com/exploits/39360/https://nvd.nist.govhttp://tools.cisco.com/security/center/viewAlert.x?alertId=43118