CVE-2016-4614: libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before…

CVE-2016-4614 [CRITICAL] CVE-2016-4614: iTunes 12.4.2 for Windows Apple Security Update: About the security content of iTunes 12.4.2 for Windows Product: iTunes 12.4.2 for Windows CVE: CVE-2016-4614 Component: About Apple security updates Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling.

CVE-2016-4614 [CRITICAL] CVE-2016-4614: watchOS 2.2.2 Apple Security Update: About the security content of watchOS 2.2.2 Product: watchOS Version: 2.2.2 CVE: CVE-2016-4614 Component: Libc Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.

CVE-2016-4614 [CRITICAL] CVE-2016-4614: tvOS 9.2.2 Apple Security Update: About the security content of tvOS 9.2.2 Product: tvOS Version: 9.2.2 CVE: CVE-2016-4614 Component: Kernel Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation.

CVE-2016-4614 [CRITICAL] CVE-2016-4614: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4614 Component: Libc Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.

CVE-2016-4614 [CRITICAL] CVE-2016-4614: OS X El Capitan v10.11.6 and Security Update 2016-004 Apple Security Update: About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004 Product: OS X El Capitan v10.11.6 and Security Update 2016-004 CVE: CVE-2016-4614 Component: LibreSSL Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7.

CVE-2016-4614 [CRITICAL] CVE-2016-4614: iCloud for Windows 5.2.1 Apple Security Update: About the security content of iCloud for Windows 5.2.1 Product: iCloud for Windows Version: 5.2.1 CVE: CVE-2016-4614 Component: About Apple security updates Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling.

CVE-2016-4615 [CRITICAL] CWE-119 GHSA-2793-r34m-9rvh: libxml2 in Apple iOS before 9 libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619.

CVE-2016-4616 [CRITICAL] CWE-119 GHSA-g9cv-jr4f-r3m7: libxml2 in Apple iOS before 9 libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619.

CVE-2016-4614 [CRITICAL] CWE-787 GHSA-7fm3-xf2m-h9gj: libxml2 in Apple iOS before 9 libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4615, CVE-2016-4616, and CVE-2016-4619.