APPLE-SA-2016-05-16-1

APPLE-SA-2016-05-16-2

APPLE-SA-2016-05-16-5

http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html

20160530 WebKitGTK+ Security Advisory WSA-2016-0004

1035888

https://support.apple.com/HT206564

https://support.apple.com/HT206565

https://support.apple.com/HT206568

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Versions of Apple TV earlier than 9.2.1 are unpatched for vulnerabilities in the following components :

 - CFNetwork Proxies
 - CommonCrypto
 - CoreCapture
 - Disk Images
 - ImageIO
 - IOAcceleratorFamily
 - IOHIDFamily
 - Kernel
 - libc
 - libxml2
 - libxslt
 - OpenGL
 - WebKit
 - WebKit Canvas
 

The remote host is running a version of iOS that is prior to version 9.3.2 and the following components contain vulnerabilities :

 - Accessibility
 - CFNetwork Proxies
 - CommonCrypto
 - CoreCapture
 - Disk Images
 - ImageIO
 - IOAcceleratorFamily
 - IOHIDFamily
 - Kernel
 - libc
 - libxml2
 - libxslt
 - MapKit
 - OpenGL
 - Safari
 - Siri
 - WebKit
 - WebKit Canvas

According to its banner, the version of the remote Apple TV device is prior to 9.2.1. It is, therefore, affected by multiple vulnerabilities in the following components :

  - CFNetwork Proxies
  - CommonCrypto
  - CoreCapture
  - Disk Images
  - ImageIO
  - IOAcceleratorFamily
  - IOHIDFamily
  - Kernel
  - libc
  - libxml2
  - libxslt
  - OpenGL
  - WebKit
  - WebKit Canvas

Note that only 4th generation models are affected by the vulnerabilities.

The mobile device is running a version of iOS prior to 9.3.2. It is, therefore, affected by multiple vulnerabilities in the following components :

  - Accessibility
  - CFNetwork Proxies
  - CommonCrypto
  - CoreCapture
  - Disk Images
  - ImageIO
  - IOAcceleratorFamily
  - IOHIDFamily
  - Kernel
  - libc
  - libxml2
  - libxslt
  - MapKit
  - OpenGL
  - Safari
  - Siri
  - WebKit
  - WebKit Canvas

The version of Apple Safari installed on the remote Mac OS X host is prior to 9.1.1. It is, therefore, affected by the following vulnerabilities :

  - An information disclosure vulnerability exists due to a     failure to completely delete a user's browser history     when using the 'Clear History and Website Data' action.
    An attacker can exploit this to disclose sensitive     information. (CVE-2016-1849)

  - Multiple memory corruption issues exist in WebKit due to     improper validation of user-supplied input. A remote     attacker, via a specially crafted website, can exploit     these issues to execute arbitrary code. (CVE-2016-1854,     CVE-2016-1855, CVE-2016-1856, CVE-2016-1857,     CVE-2016-1859)

  - An information disclosure vulnerability exists in WebKit     due to insufficient taint tracking. A remote attacker     can exploit this, via a specially crafted SVG image, to     disclose information from another website.
    (CVE-2016-1858)

ID	Name	Product	Family	Severity
93511	Ubuntu 16.04 LTS : webkit2gtk vulnerabilities (USN-3079-1)	Nessus	Ubuntu Local Security Checks	high
9337	Apple TV < 9.2.1 Multiple Vulnerabilities	Nessus Network Monitor	Internet Services	high
9332	Apple iOS < 9.3.2 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
91311	Apple TV < 9.2.1 Multiple Vulnerabilities	Nessus	Misc.	high
91225	Apple iOS < 9.3.2 Multiple Vulnerabilities	Nessus	Mobile Devices	high
91221	Mac OS X : Apple Safari < 9.1.1 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high

CVE-2016-1858

MEDIUM

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

high

high

high

high