Apple iOS < 10.0 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 9619

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

The version of iOS running on the mobile device is prior to 10.0, and is affected by multiple vulnerabilities in the following components :

- AppleMobileFileIntegrity (CVE-2016-4698)
- Assets (CVE-2016-4741)
- Audio (CVE-2016-4702)
- CFNetwork (CVE-2016-4707, CVE-2016-4708)
- CommonCrypto (CVE-2016-4711, CVE-2016-4712)
- FontParser (CVE-2016-4718)
- GeoServices (CVE-2016-4719)
- IDS - Connectivity (CVE-2016-4722)
- IOAcceleratorFamily (CVE-2016-4724, CVE-2016-4725, CVE-2016-4726)
- Kernel (CVE-2016-4771, CVE-2016-4772, CVE-2016-4773, CVE-2016-4774, CVE-2016-4776, CVE-2016-4777, CVE-2016-4778)
- Keyboards (CVE-2016-4746)
- libxml2 (CVE-2016-4658, CVE-2016-5131)
- libxslt (CVE-2016-4738)
- Mail (CVE-2016-4747)
- Messages (CVE-2016-4740)
- Printing UIKit (CVE-2016-4749)
- S2 Camera (CVE-2016-4750)
- Safari Reader (CVE-2016-4618)
- Sandbox Profiles (CVE-2016-4620)
- Security (CVE-2016-4753)
- Springboard (CVE-2016-7759)
- WebKit (CVE-2016-4728, CVE-2016-4758, CVE-2016-4611, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4759, CVE-2016-4762, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4760, CVE-2016-4733, CVE-2016-4765, CVE-2016-4763)

Solution

Upgrade to Apple iOS 10.0 or later.

See Also

https://support.apple.com/en-us/HT207143

Plugin Details

Severity: Critical

ID: 9619

Published: 2016/10/03

Updated: 2019/03/06

Dependencies: 8637

Nessus ID: 93515

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Patch Publication Date: 2016/09/13

Vulnerability Publication Date: 2016/09/13

Reference Information

CVE: CVE-2016-4611, CVE-2016-4618, CVE-2016-4620, CVE-2016-4658, CVE-2016-4698, CVE-2016-4702, CVE-2016-4707, CVE-2016-4708, CVE-2016-4711, CVE-2016-4712, CVE-2016-4718, CVE-2016-4719, CVE-2016-4722, CVE-2016-4724, CVE-2016-4725, CVE-2016-4726, CVE-2016-4728, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4733, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4738, CVE-2016-4740, CVE-2016-4741, CVE-2016-4746, CVE-2016-4747, CVE-2016-4749, CVE-2016-4750, CVE-2016-4753, CVE-2016-4758, CVE-2016-4759, CVE-2016-4760, CVE-2016-4762, CVE-2016-4763, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4771, CVE-2016-4772, CVE-2016-4773, CVE-2016-4774, CVE-2016-4776, CVE-2016-4777, CVE-2016-4778, CVE-2016-5131, CVE-2016-7759

BID: 92932