#VU597 Information disclosure in Apple Inc. products - CVE-2016-4758
Published: September 21, 2016 / Updated: January 16, 2017
Vulnerability identifier: #VU597
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-4758
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Apple Safari
iTunes
Apple iOS
Apple Safari
iTunes
Apple iOS
Software vendor:
Apple Inc.
Apple Inc.
Description
The vulnerability allows a remote user to obtain potentially sensitive information on the target system.
The weakness exists due to permissions flaw in the variable location handling and leads to sensivitive information disclosure.
Successful exploitation of the vulnerability results in access to potentially sensitive data.
The weakness exists due to permissions flaw in the variable location handling and leads to sensivitive information disclosure.
Successful exploitation of the vulnerability results in access to potentially sensitive data.
Remediation
Update to 10.0