CVE-2016-1854Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer37 documents6 sources
Severity
8.8HIGHNVD
EPSS
0.6%
top 30.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple Iphone OSApple SafariApple Tvos+2 more
Timeline
PublishedMay 20
Latest updateMay 14

Description

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages7 packages

NVDapple/tvos< 9.2.1
NVDapple/safari< 9.1.1
Appleapple/tvos9.2.1
Appleapple/safari9.1.1
NVDapple/iphone_os< 9.3.2

🔴Vulnerability Details

8
GHSA
GHSA-85vp-6cqm-7qc3: WebKit, as used in Apple iOS before 92022-05-14
GHSA
GHSA-68cm-fjjx-wg58: WebKit, as used in Apple iOS before 92022-05-14
GHSA
GHSA-6m76-6xhh-37hj: WebKit, as used in Apple iOS before 92022-05-14
GHSA
GHSA-p26q-77vf-4pcg: WebKit, as used in Apple iOS before 92022-05-14
OSV
CVE-2016-1857: WebKit, as used in Apple iOS before 92016-05-20

📋Vendor Advisories

4
Ubuntu
WebKitGTK+ vulnerabilities2016-09-14
Apple
CVE-2016-1854: iOS 9.3.2
Apple
CVE-2016-1854: Safari 9.1.1
Apple
CVE-2016-1854: tvOS 9.2.1

💬Community

21
Bugzilla
CVE-2016-5155 chromium-browser: address bar spoofing2016-09-01
Bugzilla
CVE-2016-5161 chromium-browser: type confusion in blink2016-09-01
Bugzilla
CVE-2016-5165 chromium-browser: script injection in devtools2016-09-01
Bugzilla
CVE-2016-5159 chromium-browser, openjpeg: heap overflow in parsing of JPEG2000 code blocks2016-09-01
Bugzilla
CVE-2016-5149 chromium-browser: script injection in extensions2016-09-01
CVE-2016-1854 — Apple Iphone OS vulnerability | cvebase