CVE-2016-1777

CWE-31010 documents5 sources

Severity

7.5HIGH

EPSS

0.4%

top 39.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Server

Timeline

PublishedMar 24

Latest updateMay 17

Description

Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDapple/mac_os_x_server5.0.15

🔴Vulnerability Details

GHSA

GHSA-xcwp-4r9f-392x: Web Server in Apple OS X Server before 5↗2022-05-17

▶

CVEList

CVE-2016-1777: Web Server in Apple OS X Server before 5↗2016-03-24

▶

📋Vendor Advisories

Apple

CVE-2016-1777: macOS Mojave 10.14↗2018-09-24

▶

Apple

CVE-2016-1777: iOS 12↗2018-09-17

▶

Apple

CVE-2016-1777: watchOS 5↗2018-09-17

▶

Apple

CVE-2016-1777: tvOS 12↗2018-09-17

▶

Apple

CVE-2016-1777: macOS Sierra 10.12.2, Security Update 2016-003 El Capitan, and Security Update 2016-007 Yosemite↗2016-12-13

▶

💬Community

Bugzilla

pcre: Heap buffer overflow in pcretest causing infinite loop (8.39/15)↗2016-02-29

▶