Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-1787 (GCVE-0-2016-1787)
Vulnerability from cvelistv5 – Published: 2016-03-24 01:00 – Updated: 2024-08-05 23:10
VLAI?
EPSS
Summary
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:39.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035342",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035342"
},
{
"name": "85054",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/85054"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206173"
},
{
"name": "APPLE-SA-2016-03-21-7",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-16T10:57:01",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1035342",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035342"
},
{
"name": "85054",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/85054"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206173"
},
{
"name": "APPLE-SA-2016-03-21-7",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035342",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035342"
},
{
"name": "85054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85054"
},
{
"name": "https://support.apple.com/HT206173",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206173"
},
{
"name": "APPLE-SA-2016-03-21-7",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2016-1787",
"datePublished": "2016-03-24T01:00:00",
"dateReserved": "2016-01-13T00:00:00",
"dateUpdated": "2024-08-05T23:10:39.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.0.15\", \"matchCriteriaId\": \"B549527C-F0D8-49B7-846A-822381DBA317\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Wiki Server en Apple OS X Server en versiones anteriores a 5.1 permite a atacantes remotos obtener informaci\\u00f3n sensible de p\\u00e1ginas Wiki a trav\\u00e9s de vectores no especificados.\"}]",
"id": "CVE-2016-1787",
"lastModified": "2024-11-21T02:47:05.160",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false}]}",
"published": "2016-03-24T01:59:54.267",
"references": "[{\"url\": \"http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://www.securityfocus.com/bid/85054\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://www.securitytracker.com/id/1035342\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/HT206173\", \"source\": \"product-security@apple.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/85054\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1035342\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT206173\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-1787\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2016-03-24T01:59:54.267\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Wiki Server en Apple OS X Server en versiones anteriores a 5.1 permite a atacantes remotos obtener informaci\u00f3n sensible de p\u00e1ginas Wiki a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0.15\",\"matchCriteriaId\":\"B549527C-F0D8-49B7-846A-822381DBA317\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securityfocus.com/bid/85054\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id/1035342\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/HT206173\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/85054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1035342\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT206173\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2016-AVI-106
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | OS X Mavericks versions 10.9.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002 | ||
| Apple | N/A | tvOS versions antérieures à 9.2 pour Apple TV (4ème génération) | ||
| Apple | N/A | OS X El Capitan 10.11.x versions antérieures à 10.11.4 | ||
| Apple | N/A | iOS versions antérieures à 9.3 pour iPhones 4s, iPod touch (5ème génération), iPad 2 et leurs modèles respectifs plus récents | ||
| Apple | N/A | watchOS versions antérieures à 2.2 | ||
| Apple | N/A | OS X Server versions antérieures à 5.1 pour OS X Yosemite versions 10.10.5 et ultérieures | ||
| Apple | N/A | Xcode versions antérieures à 7.3 pour OS X El Capitan versions 10.11 et ultérieures | ||
| Apple | N/A | OS X Yosemite versions 10.10.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002 | ||
| Apple | Safari | Safari versions antérieures à 9.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OS X Mavericks versions 10.9.5 et ant\u00e9rieures n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 2016-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 9.2 pour Apple TV (4\u00e8me g\u00e9n\u00e9ration)",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X El Capitan 10.11.x versions ant\u00e9rieures \u00e0 10.11.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 9.3 pour iPhones 4s, iPod touch (5\u00e8me g\u00e9n\u00e9ration), iPad 2 et leurs mod\u00e8les respectifs plus r\u00e9cents",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Server versions ant\u00e9rieures \u00e0 5.1 pour OS X Yosemite versions 10.10.5 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode versions ant\u00e9rieures \u00e0 7.3 pour OS X El Capitan versions 10.11 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Yosemite versions 10.10.5 et ant\u00e9rieures n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 2016-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 9.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-1753",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1753"
},
{
"name": "CVE-2016-1781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1781"
},
{
"name": "CVE-2016-1736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1736"
},
{
"name": "CVE-2016-1750",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1750"
},
{
"name": "CVE-2016-1779",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1779"
},
{
"name": "CVE-2016-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1748"
},
{
"name": "CVE-2016-1766",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1766"
},
{
"name": "CVE-2016-1758",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1758"
},
{
"name": "CVE-2016-1735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1735"
},
{
"name": "CVE-2016-1763",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1763"
},
{
"name": "CVE-2016-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1767"
},
{
"name": "CVE-2016-1720",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1720"
},
{
"name": "CVE-2016-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1771"
},
{
"name": "CVE-2016-1719",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1719"
},
{
"name": "CVE-2015-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
},
{
"name": "CVE-2016-1727",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1727"
},
{
"name": "CVE-2016-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0777"
},
{
"name": "CVE-2015-3184",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3184"
},
{
"name": "CVE-2015-1819",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1819"
},
{
"name": "CVE-2016-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0801"
},
{
"name": "CVE-2016-1950",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1950"
},
{
"name": "CVE-2016-1768",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1768"
},
{
"name": "CVE-2016-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0802"
},
{
"name": "CVE-2016-1744",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1744"
},
{
"name": "CVE-2016-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1775"
},
{
"name": "CVE-2016-1787",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1787"
},
{
"name": "CVE-2015-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
},
{
"name": "CVE-2016-1788",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1788"
},
{
"name": "CVE-2015-3187",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3187"
},
{
"name": "CVE-2016-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1786"
},
{
"name": "CVE-2016-1717",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1717"
},
{
"name": "CVE-2015-7499",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
},
{
"name": "CVE-2016-1776",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1776"
},
{
"name": "CVE-2009-2197",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2197"
},
{
"name": "CVE-2016-1785",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1785"
},
{
"name": "CVE-2015-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
},
{
"name": "CVE-2016-1755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1755"
},
{
"name": "CVE-2016-1733",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1733"
},
{
"name": "CVE-2016-1772",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1772"
},
{
"name": "CVE-2016-1723",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1723"
},
{
"name": "CVE-2015-5312",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
},
{
"name": "CVE-2016-1754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1754"
},
{
"name": "CVE-2016-1783",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1783"
},
{
"name": "CVE-2016-1756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1756"
},
{
"name": "CVE-2016-1745",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1745"
},
{
"name": "CVE-2016-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1752"
},
{
"name": "CVE-2014-9495",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9495"
},
{
"name": "CVE-2015-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
},
{
"name": "CVE-2015-7942",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7942"
},
{
"name": "CVE-2015-5333",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5333"
},
{
"name": "CVE-2015-8126",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8126"
},
{
"name": "CVE-2016-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1725"
},
{
"name": "CVE-2016-1761",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1761"
},
{
"name": "CVE-2015-8242",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
},
{
"name": "CVE-2016-1740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1740"
},
{
"name": "CVE-2016-1764",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1764"
},
{
"name": "CVE-2016-1757",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1757"
},
{
"name": "CVE-2016-1769",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1769"
},
{
"name": "CVE-2016-1743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1743"
},
{
"name": "CVE-2016-1746",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1746"
},
{
"name": "CVE-2016-1724",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1724"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2015-8659",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8659"
},
{
"name": "CVE-2016-1770",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1770"
},
{
"name": "CVE-2016-1749",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1749"
},
{
"name": "CVE-2016-1732",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1732"
},
{
"name": "CVE-2016-1773",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1773"
},
{
"name": "CVE-2016-1777",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1777"
},
{
"name": "CVE-2016-1765",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1765"
},
{
"name": "CVE-2016-1741",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1741"
},
{
"name": "CVE-2016-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1737"
},
{
"name": "CVE-2016-1784",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1784"
},
{
"name": "CVE-2016-1759",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1759"
},
{
"name": "CVE-2016-1778",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1778"
},
{
"name": "CVE-2015-5334",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5334"
},
{
"name": "CVE-2016-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1722"
},
{
"name": "CVE-2015-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0973"
},
{
"name": "CVE-2016-1738",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1738"
},
{
"name": "CVE-2016-1747",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1747"
},
{
"name": "CVE-2015-7551",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7551"
},
{
"name": "CVE-2016-1780",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1780"
},
{
"name": "CVE-2016-1774",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1774"
},
{
"name": "CVE-2016-1721",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1721"
},
{
"name": "CVE-2015-8472",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8472"
},
{
"name": "CVE-2016-1782",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1782"
},
{
"name": "CVE-2016-1726",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1726"
},
{
"name": "CVE-2016-1751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1751"
},
{
"name": "CVE-2016-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0778"
},
{
"name": "CVE-2016-1734",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1734"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-106",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-03-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206173 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206173"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206169 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206169"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206168 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206168"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206171 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206171"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206166 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206166"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206172 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206172"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206167 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206167"
}
]
}
CERTFR-2016-AVI-106
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | OS X Mavericks versions 10.9.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002 | ||
| Apple | N/A | tvOS versions antérieures à 9.2 pour Apple TV (4ème génération) | ||
| Apple | N/A | OS X El Capitan 10.11.x versions antérieures à 10.11.4 | ||
| Apple | N/A | iOS versions antérieures à 9.3 pour iPhones 4s, iPod touch (5ème génération), iPad 2 et leurs modèles respectifs plus récents | ||
| Apple | N/A | watchOS versions antérieures à 2.2 | ||
| Apple | N/A | OS X Server versions antérieures à 5.1 pour OS X Yosemite versions 10.10.5 et ultérieures | ||
| Apple | N/A | Xcode versions antérieures à 7.3 pour OS X El Capitan versions 10.11 et ultérieures | ||
| Apple | N/A | OS X Yosemite versions 10.10.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002 | ||
| Apple | Safari | Safari versions antérieures à 9.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OS X Mavericks versions 10.9.5 et ant\u00e9rieures n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 2016-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 9.2 pour Apple TV (4\u00e8me g\u00e9n\u00e9ration)",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X El Capitan 10.11.x versions ant\u00e9rieures \u00e0 10.11.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 9.3 pour iPhones 4s, iPod touch (5\u00e8me g\u00e9n\u00e9ration), iPad 2 et leurs mod\u00e8les respectifs plus r\u00e9cents",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Server versions ant\u00e9rieures \u00e0 5.1 pour OS X Yosemite versions 10.10.5 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode versions ant\u00e9rieures \u00e0 7.3 pour OS X El Capitan versions 10.11 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "OS X Yosemite versions 10.10.5 et ant\u00e9rieures n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 2016-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 9.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-1753",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1753"
},
{
"name": "CVE-2016-1781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1781"
},
{
"name": "CVE-2016-1736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1736"
},
{
"name": "CVE-2016-1750",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1750"
},
{
"name": "CVE-2016-1779",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1779"
},
{
"name": "CVE-2016-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1748"
},
{
"name": "CVE-2016-1766",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1766"
},
{
"name": "CVE-2016-1758",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1758"
},
{
"name": "CVE-2016-1735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1735"
},
{
"name": "CVE-2016-1763",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1763"
},
{
"name": "CVE-2016-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1767"
},
{
"name": "CVE-2016-1720",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1720"
},
{
"name": "CVE-2016-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1771"
},
{
"name": "CVE-2016-1719",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1719"
},
{
"name": "CVE-2015-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
},
{
"name": "CVE-2016-1727",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1727"
},
{
"name": "CVE-2016-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0777"
},
{
"name": "CVE-2015-3184",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3184"
},
{
"name": "CVE-2015-1819",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1819"
},
{
"name": "CVE-2016-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0801"
},
{
"name": "CVE-2016-1950",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1950"
},
{
"name": "CVE-2016-1768",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1768"
},
{
"name": "CVE-2016-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0802"
},
{
"name": "CVE-2016-1744",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1744"
},
{
"name": "CVE-2016-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1775"
},
{
"name": "CVE-2016-1787",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1787"
},
{
"name": "CVE-2015-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
},
{
"name": "CVE-2016-1788",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1788"
},
{
"name": "CVE-2015-3187",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3187"
},
{
"name": "CVE-2016-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1786"
},
{
"name": "CVE-2016-1717",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1717"
},
{
"name": "CVE-2015-7499",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
},
{
"name": "CVE-2016-1776",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1776"
},
{
"name": "CVE-2009-2197",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2197"
},
{
"name": "CVE-2016-1785",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1785"
},
{
"name": "CVE-2015-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
},
{
"name": "CVE-2016-1755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1755"
},
{
"name": "CVE-2016-1733",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1733"
},
{
"name": "CVE-2016-1772",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1772"
},
{
"name": "CVE-2016-1723",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1723"
},
{
"name": "CVE-2015-5312",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
},
{
"name": "CVE-2016-1754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1754"
},
{
"name": "CVE-2016-1783",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1783"
},
{
"name": "CVE-2016-1756",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1756"
},
{
"name": "CVE-2016-1745",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1745"
},
{
"name": "CVE-2016-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1752"
},
{
"name": "CVE-2014-9495",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9495"
},
{
"name": "CVE-2015-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
},
{
"name": "CVE-2015-7942",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7942"
},
{
"name": "CVE-2015-5333",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5333"
},
{
"name": "CVE-2015-8126",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8126"
},
{
"name": "CVE-2016-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1725"
},
{
"name": "CVE-2016-1761",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1761"
},
{
"name": "CVE-2015-8242",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
},
{
"name": "CVE-2016-1740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1740"
},
{
"name": "CVE-2016-1764",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1764"
},
{
"name": "CVE-2016-1757",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1757"
},
{
"name": "CVE-2016-1769",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1769"
},
{
"name": "CVE-2016-1743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1743"
},
{
"name": "CVE-2016-1746",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1746"
},
{
"name": "CVE-2016-1724",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1724"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2015-8659",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8659"
},
{
"name": "CVE-2016-1770",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1770"
},
{
"name": "CVE-2016-1749",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1749"
},
{
"name": "CVE-2016-1732",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1732"
},
{
"name": "CVE-2016-1773",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1773"
},
{
"name": "CVE-2016-1777",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1777"
},
{
"name": "CVE-2016-1765",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1765"
},
{
"name": "CVE-2016-1741",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1741"
},
{
"name": "CVE-2016-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1737"
},
{
"name": "CVE-2016-1784",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1784"
},
{
"name": "CVE-2016-1759",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1759"
},
{
"name": "CVE-2016-1778",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1778"
},
{
"name": "CVE-2015-5334",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5334"
},
{
"name": "CVE-2016-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1722"
},
{
"name": "CVE-2015-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0973"
},
{
"name": "CVE-2016-1738",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1738"
},
{
"name": "CVE-2016-1747",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1747"
},
{
"name": "CVE-2015-7551",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7551"
},
{
"name": "CVE-2016-1780",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1780"
},
{
"name": "CVE-2016-1774",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1774"
},
{
"name": "CVE-2016-1721",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1721"
},
{
"name": "CVE-2015-8472",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8472"
},
{
"name": "CVE-2016-1782",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1782"
},
{
"name": "CVE-2016-1726",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1726"
},
{
"name": "CVE-2016-1751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1751"
},
{
"name": "CVE-2016-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0778"
},
{
"name": "CVE-2016-1734",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1734"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-106",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-03-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206173 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206173"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206169 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206169"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206168 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206168"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206171 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206171"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206166 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206166"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206172 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206172"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206167 du 21 mars 2016",
"url": "https://support.apple.com/en-us/HT206167"
}
]
}
GSD-2016-1787
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-1787",
"description": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.",
"id": "GSD-2016-1787"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-1787"
],
"details": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.",
"id": "GSD-2016-1787",
"modified": "2023-12-13T01:21:24.453798Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035342",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035342"
},
{
"name": "85054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85054"
},
{
"name": "https://support.apple.com/HT206173",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206173"
},
{
"name": "APPLE-SA-2016-03-21-7",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.15",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1787"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-03-21-7",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
},
{
"name": "https://support.apple.com/HT206173",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206173"
},
{
"name": "1035342",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1035342"
},
{
"name": "85054",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/85054"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM"
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2016-12-20T02:59Z",
"publishedDate": "2016-03-24T01:59Z"
}
}
}
VAR-201603-0209
Vulnerability from variot - Updated: 2023-12-18 11:15Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. Apple Mac OS X Server is prone to the following security vulnerabilities: 1. Multiple security-bypass vulnerabilities 2. Multiple information-disclosure vulnerabilities An attacker can leverage these issues to obtain sensitive information, bypass security restrictions and perform unauthorized actions. The software enables file sharing, meeting scheduling, website hosting, network remote access, and more. Wiki Server is one of the web-based services that provides functions such as wikis, blogs, calendars, and contacts. An attacker could exploit this vulnerability to disclose sensitive user information with elevated privileges. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-03-21-7 OS X Server 5.1
OS X Server 5.1 is now available and addresses the following:
Server App Available for: OS X Yosemite v10.10.5 and later Impact: An administrator may unknowingly store backups on a volume without permissions enabled Description: An issue in Time Machine server did not properly warn administrators if permissions were ignored when performing a server backup. This issue was addressed through improved warnings. CVE-ID CVE-2016-1774 : CJKApps
Web Server Available for: OS X Yosemite v10.10.5 and later Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: RC4 was removed as a supported cipher. CVE-ID CVE-2016-1777 : Pepi Zawodsky
Web Server Available for: OS X Yosemite v10.10.5 and later Impact: A remote user may be able to view sensitive configuration information Description: A file access issue existed in Apache with .DS_Store and .htaccess files. This issue was addressed through improved access restrictions. This issue was addressed through improved access restrictions.
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJW8JQQAAoJEBcWfLTuOo7txasP/RcVgQ2t03szn0LLt0PSFjD9 PZg339iTYRk7sCHyNYwEnBeqdyDuO3005d4yaZ2R2OAI8Q806DJSpcTMG8Nu3sm3 xXceiVb/k+sRzh0nJaSHSVkw2GRzElsm5i6b3yFndeVnXF9eDphrjTeV2MFvoTRl t2Ml6IiTu944yJlh/NOmdjQZ+Uc2I+REDbUimeCMJVuuVmtd9UNS5VesC5u1BHyb bDmrd+pazmEjGwWwvxTE4raN7o/st7ZV2uxcjl8/73b/lVy9wBR/J4sxltyWNnm8 PJKbn/J5t8+tqKHupVvOuj4L6GnsOe154oL7bbOmrAhkVBeqBSdUBe9eQNIH0ji3 YwUdyDb3Wy1SyVNvN69tTd+ICTyh7XQQWMUTqV3xgp6tNJ19FXPdv9K/E55n62kw alfIzLhRafLV7NzUbAgsY8iuC6b3YTd9EJM0mDuh8hlTWYRC7N8HEtyxe4hAhfuO wMy1sRXWAiTBIZRJKL8KgAiIf7GdyKOvhgfcoL3dEGe5lw2Z9DCHyRihMOWFo2/Q LsJTxV9grMWN4WJLAm0h9z6AVbIELpRp4HBiq95ndaWm7bZbj6tFCRXvQaMerPut kuXD3izfEVZvtCSs7i4HKPgZLRgFRd687yVYeTSx2nyhOIeKd+tTfmUjMEw06PaT 9p0+e+mVlJlCmWiFIwsu =nxck -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0209",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x server",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.15"
},
{
"model": "macos server",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (os x yosemite v10.10.5 or later )"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "5.0.15"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2.6"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2.5"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.15"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "50"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "40"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "30"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "12"
},
{
"model": "macos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.2"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x5.1"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "12"
}
],
"sources": [
{
"db": "BID",
"id": "85054"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.15",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1787"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CJKApps, Pepi Zawodsky, Shawn Pullum of University of California, Irvine and an anonymous researcher",
"sources": [
{
"db": "BID",
"id": "85054"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1787",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-1787",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-90606",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1787",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-313",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90606",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90606"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. Apple Mac OS X Server is prone to the following security vulnerabilities:\n1. Multiple security-bypass vulnerabilities\n2. Multiple information-disclosure vulnerabilities\nAn attacker can leverage these issues to obtain sensitive information, bypass security restrictions and perform unauthorized actions. The software enables file sharing, meeting scheduling, website hosting, network remote access, and more. Wiki Server is one of the web-based services that provides functions such as wikis, blogs, calendars, and contacts. An attacker could exploit this vulnerability to disclose sensitive user information with elevated privileges. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-03-21-7 OS X Server 5.1\n\nOS X Server 5.1 is now available and addresses the following:\n\nServer App\nAvailable for: OS X Yosemite v10.10.5 and later\nImpact: An administrator may unknowingly store backups on a volume\nwithout permissions enabled\nDescription: An issue in Time Machine server did not properly warn\nadministrators if permissions were ignored when performing a server\nbackup. This issue was addressed through improved warnings. \nCVE-ID\nCVE-2016-1774 : CJKApps\n\nWeb Server\nAvailable for: OS X Yosemite v10.10.5 and later\nImpact: An attacker may be able to exploit weaknesses in the RC4\ncryptographic algorithm\nDescription: RC4 was removed as a supported cipher. \nCVE-ID\nCVE-2016-1777 : Pepi Zawodsky\n\nWeb Server\nAvailable for: OS X Yosemite v10.10.5 and later\nImpact: A remote user may be able to view sensitive configuration\ninformation\nDescription: A file access issue existed in Apache with .DS_Store\nand .htaccess files. This issue was addressed through improved access\nrestrictions. This issue\nwas addressed through improved access restrictions. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJW8JQQAAoJEBcWfLTuOo7txasP/RcVgQ2t03szn0LLt0PSFjD9\nPZg339iTYRk7sCHyNYwEnBeqdyDuO3005d4yaZ2R2OAI8Q806DJSpcTMG8Nu3sm3\nxXceiVb/k+sRzh0nJaSHSVkw2GRzElsm5i6b3yFndeVnXF9eDphrjTeV2MFvoTRl\nt2Ml6IiTu944yJlh/NOmdjQZ+Uc2I+REDbUimeCMJVuuVmtd9UNS5VesC5u1BHyb\nbDmrd+pazmEjGwWwvxTE4raN7o/st7ZV2uxcjl8/73b/lVy9wBR/J4sxltyWNnm8\nPJKbn/J5t8+tqKHupVvOuj4L6GnsOe154oL7bbOmrAhkVBeqBSdUBe9eQNIH0ji3\nYwUdyDb3Wy1SyVNvN69tTd+ICTyh7XQQWMUTqV3xgp6tNJ19FXPdv9K/E55n62kw\nalfIzLhRafLV7NzUbAgsY8iuC6b3YTd9EJM0mDuh8hlTWYRC7N8HEtyxe4hAhfuO\nwMy1sRXWAiTBIZRJKL8KgAiIf7GdyKOvhgfcoL3dEGe5lw2Z9DCHyRihMOWFo2/Q\nLsJTxV9grMWN4WJLAm0h9z6AVbIELpRp4HBiq95ndaWm7bZbj6tFCRXvQaMerPut\nkuXD3izfEVZvtCSs7i4HKPgZLRgFRd687yVYeTSx2nyhOIeKd+tTfmUjMEw06PaT\n9p0+e+mVlJlCmWiFIwsu\n=nxck\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "BID",
"id": "85054"
},
{
"db": "VULHUB",
"id": "VHN-90606"
},
{
"db": "PACKETSTORM",
"id": "136348"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1787",
"trust": 2.9
},
{
"db": "BID",
"id": "85054",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1035342",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU97668313",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-313",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "69050",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-90606",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136348",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90606"
},
{
"db": "BID",
"id": "85054"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "PACKETSTORM",
"id": "136348"
},
{
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"id": "VAR-201603-0209",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90606"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:15:46.935000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht201222"
},
{
"title": "APPLE-SA-2016-03-21-7 OS X Server 5.1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/mar/msg00006.html"
},
{
"title": "HT206173",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206173"
},
{
"title": "HT206173",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht206173"
},
{
"title": "Apple OS X Server Wiki Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60639"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90606"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "NVD",
"id": "CVE-2016-1787"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/mar/msg00006.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206173"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/85054"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035342"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1787"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97668313/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1787"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/69050"
},
{
"trust": 0.3,
"url": "https://www.apple.com/osx/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/server/macosx/"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-us/ht209106"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-us/ht209107"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-us/ht209108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1776"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1774"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1787"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1777"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90606"
},
{
"db": "BID",
"id": "85054"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "PACKETSTORM",
"id": "136348"
},
{
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90606"
},
{
"db": "BID",
"id": "85054"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"db": "PACKETSTORM",
"id": "136348"
},
{
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-24T00:00:00",
"db": "VULHUB",
"id": "VHN-90606"
},
{
"date": "2016-03-21T00:00:00",
"db": "BID",
"id": "85054"
},
{
"date": "2016-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"date": "2016-03-22T15:23:11",
"db": "PACKETSTORM",
"id": "136348"
},
{
"date": "2016-03-24T01:59:54.267000",
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"date": "2016-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-90606"
},
{
"date": "2018-09-25T04:00:00",
"db": "BID",
"id": "85054"
},
{
"date": "2016-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001875"
},
{
"date": "2016-12-20T02:59:19.963000",
"db": "NVD",
"id": "CVE-2016-1787"
},
{
"date": "2016-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple OS X Server of Wiki On the server Wiki Vulnerability that can retrieve important information from the page",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001875"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-313"
}
],
"trust": 0.6
}
}
GHSA-G2VF-5H4X-MWMC
Vulnerability from github – Published: 2022-05-17 03:21 – Updated: 2022-05-17 03:21
VLAI?
Details
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
Severity ?
5.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2016-1787"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-03-24T01:59:00Z",
"severity": "MODERATE"
},
"details": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.",
"id": "GHSA-g2vf-5h4x-mwmc",
"modified": "2022-05-17T03:21:04Z",
"published": "2022-05-17T03:21:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1787"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT206173"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/85054"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1035342"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2016-1787
Vulnerability from fkie_nvd - Published: 2016-03-24 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B549527C-F0D8-49B7-846A-822381DBA317",
"versionEndIncluding": "5.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors."
},
{
"lang": "es",
"value": "Wiki Server en Apple OS X Server en versiones anteriores a 5.1 permite a atacantes remotos obtener informaci\u00f3n sensible de p\u00e1ginas Wiki a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1787",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-24T01:59:54.267",
"references": [
{
"source": "product-security@apple.com",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
},
{
"source": "product-security@apple.com",
"url": "http://www.securityfocus.com/bid/85054"
},
{
"source": "product-security@apple.com",
"url": "http://www.securitytracker.com/id/1035342"
},
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/85054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206173"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2016-01848
Vulnerability from cnvd - Published: 2016-03-25
VLAI Severity ?
Title
Apple OS X Server信息泄露漏洞
Description
Apple OS X是一款苹果公司的操作系统。
Apple OS X Server 5.1之前版本中的Wiki Server存在安全漏洞,允许远程攻击者从Wiki页面获得敏感信息。
Severity
中
Patch Name
Apple OS X Server信息泄露漏洞的补丁
Patch Description
Apple OS X是一款苹果公司的操作系统。
Apple OS X Server 5.1之前版本中的Wiki Server存在安全漏洞,允许远程攻击者从Wiki页面获得敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://support.apple.com/zh-cn/HT206173
Reference
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1787
Impacted products
| Name | Apple OS X Server <5.1 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-1787"
}
},
"description": "Apple OS X\u662f\u4e00\u6b3e\u82f9\u679c\u516c\u53f8\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple OS X Server 5.1\u4e4b\u524d\u7248\u672c\u4e2d\u7684Wiki Server\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u4eceWiki\u9875\u9762\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u3002",
"discovererName": "unknown",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://support.apple.com/zh-cn/HT206173",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-01848",
"openTime": "2016-03-25",
"patchDescription": "Apple OS X\u662f\u4e00\u6b3e\u82f9\u679c\u516c\u53f8\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple OS X Server 5.1\u4e4b\u524d\u7248\u672c\u4e2d\u7684Wiki Server\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u4eceWiki\u9875\u9762\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apple OS X Server\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Apple OS X Server \u003c5.1"
},
"referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1787",
"serverity": "\u4e2d",
"submitTime": "2016-03-24",
"title": "Apple OS X Server\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…