UBUNTU-CVE-2016-4610

Description

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.

CVSS Metrics

• v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
• v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• ubuntu•libxslt

  < 1.1.28-2ubuntu0.1 | < 1.1.28-2.1ubuntu0.1

References (14)

• https://ubuntu.com/security/CVE-2016-4610
• http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
• http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
• http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
• http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
• http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
• https://support.apple.com/HT206899
• https://support.apple.com/HT206901
• https://support.apple.com/HT206902
• https://support.apple.com/HT206903
• https://support.apple.com/HT206904
• https://support.apple.com/HT206905
• https://ubuntu.com/security/notices/USN-3271-1
• https://www.cve.org/CVERecord?id=CVE-2016-4610