Published: 20/05/2016 Updated: 01/12/2016

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

AppleGraphicsDeviceControlClient in Apple OS X prior to 10.11.5 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x

/* Source: bugschromiumorg/p/project-zero/issues/detail?id=782 AppleGraphicsDeviceControlClient doesn't check that its pointer to its IOService (at this+0xd8) is non-null before using it in all external methods We can set this pointer to NULL by racing two threads, one of which calls IOServiceClose which NULLs out the pointer and the o ...

NVD-CWE-Other https://support.apple.com/HT206567 http://lists.apple.com/archives/security-announce/2016/May/msg00004.html https://www.exploit-db.com/exploits/39923/https://bugs.chromium.org/p/project-zero/issues/detail?id=782 http://packetstormsecurity.com/files/137401/OS-X-AppleGraphicsDeviceControl-NULL-Pointer-Dereference.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://nvd.nist.gov https://www.exploit-db.com/exploits/39923/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-1793

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect