CVE-2016-1751

EPSS 0.23%
Veröffentlicht 24.03.2016 01:59:21
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle product-security@apple.com
Teams Watchlist Login
Unerledigt Login

The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ iPhone OS Version < 9.3

Apple ≫ tvOS Version < 9.2

Apple ≫ watchOS Version < 2.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.46

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html

Vendor Advisory

Mailing List

http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html

Vendor Advisory

Mailing List

http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html

Vendor Advisory

Mailing List

https://support.apple.com/HT206166

Vendor Advisory

https://support.apple.com/HT206168

Vendor Advisory

https://support.apple.com/HT206169

Vendor Advisory

http://www.securitytracker.com/id/1035353

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-1751

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-1751

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-1751

EUVD