Apple iOS 9.3.x < 9.3.3 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9445

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

The remote host is running a version of iOS 9.3.x prior to version 9.3.3, and the following components contain vulnerabilities :

- CFNetwork
- libxml2
- WebKit
- CoreGraphics
- FaceTime
- ImageIO
- IOHIDFamily
- Sandbox
- Kernel
- libxslt
- Calender
- IOAcceleratorFamily
- Safari
- Siri Contacts
- Web Media

Solution

Upgrade to Apple iOS 9.3.3 or later.

See Also

https://support.apple.com/en-us/HT206902

https://support.apple.com/en-us/HT206903

https://support.apple.com/en-us/HT206904

https://support.apple.com/en-us/HT206905

Plugin Details

Severity: High

ID: 9445

Published: 2016/07/29

Updated: 2019/03/06

Dependencies: 8637

Nessus ID: 92359

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSS v3.0

Base Score: 8.4

Temporal Score: 8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Patch Publication Date: 2016/07/18

Vulnerability Publication Date: 2016/07/20

Reference Information

CVE: CVE-2015-7059, CVE-2015-7060, CVE-2015-7061, CVE-2015-7109, CVE-2016-1762, CVE-2016-1863, CVE-2016-4582, CVE-2016-4586, CVE-2016-4588, CVE-2016-4589, CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, CVE-2016-4612, CVE-2016-4614, CVE-2016-4615, CVE-2016-4616, CVE-2016-4619, CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4642, CVE-2016-4643, CVE-2016-4644

BID: 78735, 78733, 91827