CVE-2016-4643

CWE-200Information Exposure6 documents4 sources
Severity
6.5MEDIUM
EPSS
0.4%
top 42.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple Apple TVApple Iphone OSApple MAC OS
Timeline
PublishedJan 11
Latest updateMay 14

Description

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

NVDapple/mac_os10.11.010.11.6
NVDapple/apple_tv< 9.2.2
NVDapple/iphone_os< 9.3.3

🔴Vulnerability Details

2
GHSA
GHSA-8jrg-2wj2-p7hp: In iOS before 92022-05-14
CVEList
CVE-2016-4643: In iOS before 92019-01-11

📋Vendor Advisories

3
Apple
CVE-2016-4643: OS X El Capitan v10.11.6 and Security Update 2016-0042016-07-18
Apple
CVE-2016-4643: iOS 9.3.32016-07-18
Apple
CVE-2016-4643: tvOS 9.2.22016-07-18
CVE-2016-4643 (MEDIUM CVSS 6.5) | In iOS before 9.3.3 | cvebase.io