Apple iOS ImageIO Memory Corruption Vulnerability (CVE-2016-4631)

Apple iOS ImageIO Memory Corruption Vulnerability (CVE-2016-4631)
Apple iOS ImageIO Memory Corruption Vulnerability (CVE-2016-4631)

Release date:
Updated on:

Affected Systems:

Apple iOS < 9.3.3
Apple OS X < 10.11.6
Apple watchOS < 2.2.2

Description:

CVE (CAN) ID: CVE-2016-4631

IOS is an operating system developed by Apple for mobile devices. It supports iPhone, iPod touch, iPad, and Apple TV.

Security Vulnerabilities exist in Apple iOS <9.3.3, OS X <10.11.6, tvOS <9.2.2, and watchOS <2.2.2. Remote attackers can exploit this vulnerability to execute arbitrary code or cause DoS (Memory Corruption) by constructing TIFF files ).

<* Source: Apple
*>

Suggestion:

Vendor patch:

Apple
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.talosintelligence.com/reports/TALOS-2016-0171/
Https://support.apple.com/HT206902
Https://support.apple.com/HT206903
Https://support.apple.com/HT206904
Https://support.apple.com/HT206905
APPLE: APPLE-SA-2016-07-18-1
URL: http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
APPLE: APPLE-SA-2016-07-18-2
URL: http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
APPLE: APPLE-SA-2016-07-18-3
URL: http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
APPLE: APPLE-SA-2016-07-18-4
URL: http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

This article permanently updates the link address: