Back to search
CVE-2016-1823
Published: May 20, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://support.apple.com/HT206567
x_refsource_CONFIRM
APPLE-SA-2016-05-16-4
vendor-advisory
x_refsource_APPLE
https://support.apple.com/HT206566
x_refsource_CONFIRM
https://bugs.chromium.org/p/project-zero/issues/detail?id=774
x_refsource_MISC
39927
exploit
x_refsource_EXPLOIT-DB
APPLE-SA-2016-05-16-3
vendor-advisory
x_refsource_APPLE
https://support.apple.com/HT206564
x_refsource_CONFIRM
1035890
vdb-entry
x_refsource_SECTRACK
APPLE-SA-2016-05-16-2
vendor-advisory
x_refsource_APPLE
90698
vdb-entry
x_refsource_BID
https://support.apple.com/HT206568
x_refsource_CONFIRM
APPLE-SA-2016-05-16-1
vendor-advisory
x_refsource_APPLE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now