CVE-2016-4769
published 2016-09-25CVE-2016-4769: WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | itunes | <= 12.4.3 | — |
| apple | itunes_12.5.1_for_windows | — | — |
| apple | safari | <= 9.1.3 | — |
| apple | safari | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
Ubuntu
WebKitGTK+ vulnerabilities
vendor_ubuntu·2017-01-10
CVE-2016-4613 WebKitGTK+ vulnerabilities
Title: WebKitGTK+ vulnerabilities
Summary: Several security issues were fixed in WebKitGTK+.
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
Instructions: This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
Apple
CVE-2016-4769: Safari 10
vendor_apple·2016-09-20·CVSS 8.8
CVE-2016-4769 [HIGH] CVE-2016-4769: Safari 10
Apple Security Update: About the security content of Safari 10
Product: Safari
Version: 10
CVE: CVE-2016-4769
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-4769: iTunes 12.5.1 for Windows
vendor_apple·2016-09-13·CVSS 8.8
CVE-2016-4769 [HIGH] CVE-2016-4769: iTunes 12.5.1 for Windows
Apple Security Update: About the security content of iTunes 12.5.1 for Windows
Product: iTunes 12.5.1 for Windows
CVE: CVE-2016-4769
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved input validation.
GHSA
GHSA-w859-c4fc-cw6h: WebKit in Apple iTunes before 12
ghsa_unreviewed·2022-05-17
CVE-2016-4769 [HIGH] CWE-119 GHSA-w859-c4fc-cw6h: WebKit in Apple iTunes before 12
WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
OSV
CVE-2016-4769: WebKit in Apple iTunes before 12
osv·2016-09-25·CVSS 8.8
CVE-2016-4769 [HIGH] CVE-2016-4769: WebKit in Apple iTunes before 12
WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.htmlhttp://lists.apple.com/archives/security-announce/2016/Sep/msg00012.htmlhttp://www.securityfocus.com/bid/93062http://www.securitytracker.com/id/1036854https://support.apple.com/HT207157https://support.apple.com/HT207158http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.htmlhttp://lists.apple.com/archives/security-announce/2016/Sep/msg00012.htmlhttp://www.securityfocus.com/bid/93062http://www.securitytracker.com/id/1036854https://support.apple.com/HT207157https://support.apple.com/HT207158
2016-09-25
Published