CVE-2016-1803

CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Potential Mitigations

References

• http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
• http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
• http://lists.apple.com/archives/security-announce/2016/May/msg00003.html
• http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
• http://packetstormsecurity.com/files/137399/OS-X-CoreCaptureResponder-NULL-Pointer-Dereference.html
• http://www.securityfocus.com/bid/90694
• http://www.securitytracker.com/id/1035890
• http://www.zerodayinitiative.com/advisories/ZDI-16-339
• https://bugs.chromium.org/p/project-zero/issues/detail?id=777
• https://support.apple.com/HT206564
• https://support.apple.com/HT206566
• https://support.apple.com/HT206567
• https://support.apple.com/HT206568
• https://www.exploit-db.com/exploits/39925/