CVE-2016-4669
CVE-2016-4669
Corrige pronto. tiene exploit funcional público.
Vexday Risk Score
38Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 3.7%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Ciclo de vida
25 ago 2016Exploit Metasploit disponible
31 oct 2016PoC pública
20 feb 2017Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors.
Productos afectados
n/a · n/aPoCs públicas encontradas — 4
githubgithub.com/i-o-s/CVE-2016-4669★ 0cve_referencepacketstormsecurity.com/files/158874/Safari-Webkit-For-iOS-7.1.2-JIT-Optimization-Bug.htmlno verificadocve_referencewww.exploit-db.com/exploits/40654/no verificadoexploitdbwww.exploit-db.com/exploits/40654no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
Referencias
http://packetstormsecurity.com/files/158874/Safari-Webkit-For-iOS-7.1.2-JIT-Optimization-Bug.htmlhttps://support.apple.com/HT207269https://support.apple.com/HT207270https://support.apple.com/HT207271https://support.apple.com/HT207275https://www.exploit-db.com/exploits/40654/http://www.securityfocus.com/bid/93849http://www.securitytracker.com/id/1037086