CVE-2016-4643: Infoleak
First published: Fri Jan 11 2019(Updated: )
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Apple Tv | <9.2.2 | |
| Apple iPhone OS | <9.3.3 | |
| Apple Mac Os | >=10.11.0<10.11.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-4643?
The severity of CVE-2016-4643 is medium with a severity value of 6.5.
Which versions of iOS are affected by CVE-2016-4643?
iOS versions before 9.3.3 are affected by CVE-2016-4643.
Which versions of tvOS are affected by CVE-2016-4643?
tvOS versions before 9.2.2 are affected by CVE-2016-4643.
Which versions of OS X El Capitan are affected by CVE-2016-4643?
OS X El Capitan versions between 10.11.0 and 10.11.6 are affected by CVE-2016-4643.
How was the validation issue in CVE-2016-4643 addressed?
The validation issue in CVE-2016-4643 was addressed through improved response validation.
- collector/nvd-index
- vendor/apple
- canonical/apple apple tv
- canonical/apple iphone os
- canonical/apple mac os
- version/apple mac os/10.11.0