Vulnerability Description
Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Haxx | Curl | < 7.49.1 |
| Apple | Mac Os X | < 10.12.0 |
References
- http://www.securityfocus.com/bid/93055Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1036858Third Party AdvisoryVDB Entry
- https://lists.apple.com/archives/security-announce/2016/Sep/msg00006.htmlMailing ListThird Party Advisory
- http://www.securityfocus.com/bid/93055Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1036858Third Party AdvisoryVDB Entry
- https://lists.apple.com/archives/security-announce/2016/Sep/msg00006.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2016-4606?
CVE-2016-4606 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass s...
How severe is CVE-2016-4606?
CVE-2016-4606 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-4606?
Check the references section above for vendor advisories and patch information. Affected products include: Haxx Curl, Apple Mac Os X.