Published: 20/02/2017 Updated: 08/03/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

An issue exists in certain Apple products. iOS prior to 10.1 is affected. tvOS prior to 10.0.1 is affected. watchOS prior to 3.1 is affected. The issue involves the "Sandbox Profiles" component, which allows malicious users to read audio-recording metadata via a crafted app.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os
apple watchos
apple tvos

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

The Register • Shaun Nichols in San Francisco • 24 Oct 2016

Get patching now

Apple has distributed a fresh round of security updates to address remote-code execution holes in iOS, macOS, Safari, and the firmware for Apple Watch and AppleTV. Miscreants who exploit these flaws can take over the vulnerable device – all a victim has to do is open a JPEG or PDF file booby-trapped with malicious code, so get patching before you're caught out. The fixes come just days before the Cupertino developer of TextEdit is set to hold a special event to introduce a (presumed) refresh o...

CVE-2016-4665

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect