Detections
Analytics

Apple iOS < 10.0 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 9619

Synopsis

The remote host is missing a critical Apple iOS patch update.

Description

The version of iOS running on the mobile device is prior to 10.0, and is affected by multiple vulnerabilities in the following components :

 - AppleMobileFileIntegrity (CVE-2016-4698)
 - Assets (CVE-2016-4741)
 - Audio (CVE-2016-4702)
 - CFNetwork (CVE-2016-4707, CVE-2016-4708)
 - CommonCrypto (CVE-2016-4711, CVE-2016-4712)
 - FontParser (CVE-2016-4718)
 - GeoServices (CVE-2016-4719)
 - IDS - Connectivity (CVE-2016-4722)
 - IOAcceleratorFamily (CVE-2016-4724, CVE-2016-4725, CVE-2016-4726)
 - Kernel (CVE-2016-4771, CVE-2016-4772, CVE-2016-4773, CVE-2016-4774, CVE-2016-4776, CVE-2016-4777, CVE-2016-4778)
 - Keyboards (CVE-2016-4746)
 - libxml2 (CVE-2016-4658, CVE-2016-5131)
 - libxslt (CVE-2016-4738)
 - Mail (CVE-2016-4747)
 - Messages (CVE-2016-4740)
 - Printing UIKit (CVE-2016-4749)
 - S2 Camera (CVE-2016-4750)
 - Safari Reader (CVE-2016-4618)
 - Sandbox Profiles (CVE-2016-4620)
 - Security (CVE-2016-4753)
 - Springboard (CVE-2016-7759)
 - WebKit (CVE-2016-4728, CVE-2016-4758, CVE-2016-4611, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4759, CVE-2016-4762, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4760, CVE-2016-4733, CVE-2016-4765, CVE-2016-4763)

Solution

Upgrade to Apple iOS 10.0 or later.

See Also

https://support.apple.com/en-us/HT207143

Plugin Details

Severity: Critical

ID: 9619

Published: 10/3/2016

Updated: 3/6/2019

Nessus ID: 93515

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.7

Temporal Score: 7.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Patch Publication Date: 9/13/2016

Vulnerability Publication Date: 9/13/2016

Reference Information

CVE: CVE-2016-4611, CVE-2016-4618, CVE-2016-4620, CVE-2016-4658, CVE-2016-4698, CVE-2016-4702, CVE-2016-4707, CVE-2016-4708, CVE-2016-4711, CVE-2016-4712, CVE-2016-4718, CVE-2016-4719, CVE-2016-4722, CVE-2016-4724, CVE-2016-4725, CVE-2016-4726, CVE-2016-4728, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4733, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4738, CVE-2016-4740, CVE-2016-4741, CVE-2016-4746, CVE-2016-4747, CVE-2016-4749, CVE-2016-4750, CVE-2016-4753, CVE-2016-4758, CVE-2016-4759, CVE-2016-4760, CVE-2016-4762, CVE-2016-4763, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4771, CVE-2016-4772, CVE-2016-4773, CVE-2016-4774, CVE-2016-4776, CVE-2016-4777, CVE-2016-4778, CVE-2016-5131, CVE-2016-7759

BID: 92932