Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2016-1749

Published: 24/03/2016 Updated: 08/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 936
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Apple

Vulnerability Summary

IOUSBFamily in Apple OS X prior to 10.11.4 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x

Exploits

Exploit DB: Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort
/* Source: bugschromiumorg/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is _AbortStreamPipe It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object without checking the bounds then calls a virtual method on it Furthermore there's no check that the ar ...

Github Repositories

https://github.com/pandazheng/IosHackStudy

Mac&IOS安全学习资料汇总

Mac&IOS HackStudy Mac&IOS安全学习资料汇总 Mac&IOS安全学习网站收集: samdmarshallcom wwwexploit-dbcom reverseputas highaltitudehackscom/security/ wwwdllhookcom/ wwwsecuritylearnnet/archives/ securitycompassgithubio/iPhoneLabs/indexhtml securityios-wikicom www

https://github.com/shaveKevin/iOSSafetyLearning

SafetyLearning

iOSSafetyLearning IOS安全学习资料汇总 (1) IOS安全学习网站收集: wwwexploit-dbcom reverseputas highaltitudehackscom/security/ wwwdllhookcom/ wwwsecuritylearnnet/archives/ securitycompassgithubio/iPhoneLabs/indexhtml securityios-wikicom wwwopensecuritytraininginfo/IntroARMhtml true

https://github.com/pandazheng/Mac-IOS-Security

Mac&IOS安全学习资料汇总

Mac&IOS HackStudy Mac&IOS安全学习资料汇总 Mac&IOS安全学习网站收集: samdmarshallcom wwwexploit-dbcom reverseputas highaltitudehackscom/security/ wwwdllhookcom/ wwwsecuritylearnnet/archives/ securitycompassgithubio/iPhoneLabs/indexhtml securityios-wikicom www

References

CWE-119https://support.apple.com/HT206167http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.htmlhttp://www.securitytracker.com/id/1035363http://www.zerodayinitiative.com/advisories/ZDI-16-206https://www.exploit-db.com/exploits/39607/https://nvd.nist.govhttps://www.exploit-db.com/exploits/39607/https://github.com/pandazheng/IosHackStudy
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook