Published: 20/02/2017 Updated: 29/07/2017

CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4.4 | Impact Score: 2.5 | Exploitability Score: 1.8

VMScore: 320

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

An issue exists in certain Apple products. iOS prior to 10.1 is affected. The issue involves the "Contacts" component, which does not prevent an app's Address Book access after access revocation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

The Register • Shaun Nichols in San Francisco • 24 Oct 2016

Get patching now

Apple has distributed a fresh round of security updates to address remote-code execution holes in iOS, macOS, Safari, and the firmware for Apple Watch and AppleTV. Miscreants who exploit these flaws can take over the vulnerable device – all a victim has to do is open a JPEG or PDF file booby-trapped with malicious code, so get patching before you're caught out. The fixes come just days before the Cupertino developer of TextEdit is set to hold a special event to introduce a (presumed) refresh o...

CVE-2016-4686

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect