CVE-2016-1840

Published on: 05/20/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of Iphone Os from Apple contain the following vulnerability:

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

  • CVE-2016-1840 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 6.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003 - Apple Support Vendor Advisory
support.apple.com
text/html
URL Logo CONFIRM support.apple.com/HT206567
Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 90691
APPLE-SA-2016-05-16-2 iOS 9.3.2 Mailing List
Vendor Advisory
lists.apple.com
text/html
URL Logo APPLE APPLE-SA-2016-05-16-2
USN-2994-1: libxml2 vulnerabilities | Ubuntu Third Party Advisory
www.ubuntu.com
text/html
URL Logo UBUNTU USN-2994-1
APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003 Mailing List
Vendor Advisory
lists.apple.com
text/html
URL Logo APPLE APPLE-SA-2016-05-16-4
Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup... (cbb27165) · Commits · GNOME / libxml2 · GitLab Patch
Third Party Advisory
git.gnome.org
text/html
URL Logo CONFIRM git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4
Debian -- Security Information -- DSA-3593-1 libxml2 Third Party Advisory
www.debian.org
Depreciated Link
text/html
URL Logo DEBIAN DSA-3593
Oracle Linux Bulletin - July 2016 Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Apple iOS Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service and Let Remote and Local Users Obtain Potentially Sensitive Information - SecurityTracker Third Party Advisory
VDB Entry
www.securitytracker.com
text/html
URL Logo SECTRACK 1035890
Apple - Lists.apple.com Mailing List
Vendor Advisory
lists.apple.com
text/html
URL Logo APPLE APPLE-SA-2016-05-16-1
[R7] LCE 4.8.1 Fixes Multiple Vulnerabilities - Security Advisory | Tenable™ Third Party Advisory
www.tenable.com
text/html
URL Logo CONFIRM www.tenable.com/security/tns-2016-18
About the security content of tvOS 9.2.1 - Apple Support Vendor Advisory
support.apple.com
text/html
URL Logo CONFIRM support.apple.com/HT206564
McAfee Security Bulletin: McAfee Web Gateway update fixes several vulnerabilities related to xml parsing Patch
Third Party Advisory
kc.mcafee.com
text/html
URL Logo CONFIRM kc.mcafee.com/corporate/index?page=content&id=SB10170
Red Hat Customer Portal Third Party Advisory
access.redhat.com
text/html
URL Logo REDHAT RHSA-2016:1292
Oracle VM Server for x86 Bulletin - July 2016 Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Releases Release Notes
Vendor Advisory
xmlsoft.org
text/xml
URL Logo CONFIRM xmlsoft.org/news.html
libxml2: Multiple vulnerabilities (GLSA 201701-37) — Gentoo security Third Party Advisory
security.gentoo.org
text/html
URL Logo GENTOO GLSA-201701-37
APPLE-SA-2016-05-16-3 watchOS 2.2.1 Mailing List
Vendor Advisory
lists.apple.com
text/html
URL Logo APPLE APPLE-SA-2016-05-16-3
About the security content of iOS 9.3.2 - Apple Support Vendor Advisory
support.apple.com
text/html
URL Logo CONFIRM support.apple.com/HT206568
About the security content of watchOS 2.2.1 - Apple Support Vendor Advisory
support.apple.com
text/html
URL Logo CONFIRM support.apple.com/HT206566
Bug 757711 – heap-buffer-overflow in xmlFAParsePosCharGroup Exploit
Issue Tracking
Third Party Advisory
bugzilla.gnome.org
text/html
URL Logo CONFIRM bugzilla.gnome.org/show_bug.cgi?id=757711
Red Hat Customer Portal Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:2957
Oracle Solaris Bulletin - July 2016 Third Party Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
AppleIphone OsAllAllAllAll
Operating
System
AppleIphone OsAllAllAllAll
Operating
System
AppleMac Os XAllAllAllAll
Operating
System
AppleMac Os XAllAllAllAll
Operating
System
AppleTvosAllAllAllAll
Operating
System
AppleTvosAllAllAllAll
Operating
System
AppleWatchosAllAllAllAll
Operating
System
AppleWatchosAllAllAllAll
Operating
System
CanonicalUbuntu Linux12.04AllAllAll
Operating
System
CanonicalUbuntu Linux14.04AllAllAll
Operating
System
CanonicalUbuntu Linux15.10AllAllAll
Operating
System
CanonicalUbuntu Linux16.04AllAllAll
Operating
System
CanonicalUbuntu Linux12.04AllAllAll
Operating
System
CanonicalUbuntu Linux14.04AllAllAll
Operating
System
CanonicalUbuntu Linux15.10AllAllAll
Operating
System
CanonicalUbuntu Linux16.04AllAllAll
Operating
System
DebianDebian Linux8.0AllAllAll
Operating
System
DebianDebian Linux8.0AllAllAll
ApplicationMcafeeWeb GatewayAllAllAllAll
ApplicationMcafeeWeb GatewayAllAllAllAll
Operating
System
RedhatEnterprise Linux Desktop6.0AllAllAll
Operating
System
RedhatEnterprise Linux Desktop7.0AllAllAll
Operating
System
RedhatEnterprise Linux Desktop6.0AllAllAll
Operating
System
RedhatEnterprise Linux Desktop7.0AllAllAll
Operating
System
RedhatEnterprise Linux Server6.0AllAllAll
Operating
System
RedhatEnterprise Linux Server7.0AllAllAll
Operating
System
RedhatEnterprise Linux Server6.0AllAllAll
Operating
System
RedhatEnterprise Linux Server7.0AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.2AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.3AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.4AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.6AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.2AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.3AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.4AllAllAll
Operating
System
RedhatEnterprise Linux Server Aus7.6AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.2AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.3AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.4AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.5AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.6AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.2AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.3AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.4AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.5AllAllAll
Operating
System
RedhatEnterprise Linux Server Eus7.6AllAllAll
Operating
System
RedhatEnterprise Linux Server Tus7.2AllAllAll
Operating
System
RedhatEnterprise Linux Server Tus7.3AllAllAll
Operating
System
RedhatEnterprise Linux Server Tus7.6AllAllAll
Operating
System
RedhatEnterprise Linux Server Tus7.2AllAllAll
Operating
System
RedhatEnterprise Linux Server Tus7.3AllAllAll
Operating
System
RedhatEnterprise Linux Server Tus7.6AllAllAll
Operating
System
RedhatEnterprise Linux Workstation6.0AllAllAll
Operating
System
RedhatEnterprise Linux Workstation7.0AllAllAll
Operating
System
RedhatEnterprise Linux Workstation6.0AllAllAll
Operating
System
RedhatEnterprise Linux Workstation7.0AllAllAll
ApplicationXmlsoftLibxml2AllAllAllAll
ApplicationXmlsoftLibxml2AllAllAllAll
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*:
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*: