{"id":"CVE-2016-4610","details":"libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.","modified":"2026-03-20T11:10:41.714325Z","published":"2016-07-22T02:59:34.180Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"type":"ADVISORY","url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/91826"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"},{"type":"ADVISORY","url":"https://support.apple.com/HT206899"},{"type":"ADVISORY","url":"https://support.apple.com/HT206901"},{"type":"ADVISORY","url":"https://support.apple.com/HT206902"},{"type":"ADVISORY","url":"https://support.apple.com/HT206903"},{"type":"ADVISORY","url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"type":"ADVISORY","url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"},{"type":"ADVISORY","url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"},{"type":"ADVISORY","url":"https://support.apple.com/HT206905"},{"type":"ADVISORY","url":"https://support.apple.com/HT206904"},{"type":"ADVISORY","url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1036348"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/GNOME/libxslt","events":[{"introduced":"0"},{"fixed":"9a1b3ddf6034aa2f6a30b4b7ea4bfc3c4037cd58"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.1.29"}]}}],"versions":["1.1.23","1.1.24","CVE-2015-7995","LIBXSLT_0_0_0","LIBXSLT_0_10_0","LIBXSLT_0_11_0","LIBXSLT_0_12_0","LIBXSLT_0_13_0","LIBXSLT_0_14_0","LIBXSLT_0_1_0","LIBXSLT_0_3_0","LIBXSLT_0_4_0","LIBXSLT_0_6_0","LIBXSLT_0_7_0","LIBXSLT_0_8_0","LIBXSLT_0_9_0","LIBXSLT_1_0_0","LIBXSLT_1_0_10","LIBXSLT_1_0_11","LIBXSLT_1_0_12","LIBXSLT_1_0_13","LIBXSLT_1_0_14","LIBXSLT_1_0_16","LIBXSLT_1_0_17","LIBXSLT_1_0_18","LIBXSLT_1_0_19","LIBXSLT_1_0_2","LIBXSLT_1_0_20","LIBXSLT_1_0_21","LIBXSLT_1_0_22","LIBXSLT_1_0_23","LIBXSLT_1_0_24","LIBXSLT_1_0_25","LIBXSLT_1_0_26","LIBXSLT_1_0_27","LIBXSLT_1_0_28","LIBXSLT_1_0_29","LIBXSLT_1_0_3","LIBXSLT_1_0_30","LIBXSLT_1_0_31","LIBXSLT_1_0_32","LIBXSLT_1_0_33","LIBXSLT_1_0_4","LIBXSLT_1_0_5","LIBXSLT_1_0_6","LIBXSLT_1_0_7","LIBXSLT_1_0_8","LIBXSLT_1_0_9","LIBXSLT_1_1_0","LIBXSLT_1_1_1","LIBXSLT_1_1_10","LIBXSLT_1_1_11","LIBXSLT_1_1_12","LIBXSLT_1_1_13","LIBXSLT_1_1_14","LIBXSLT_1_1_15","LIBXSLT_1_1_16","LIBXSLT_1_1_17","LIBXSLT_1_1_18","LIBXSLT_1_1_2","LIBXSLT_1_1_21","LIBXSLT_1_1_22","LIBXSLT_1_1_3","LIBXSLT_1_1_4","LIBXSLT_1_1_5","LIBXSLT_1_1_6","LIBXSLT_1_1_7","LIBXSLT_1_1_8","LIBXSLT_1_1_9","LIXSLT_0_5_0","v1.1.25","v1.1.26","v1.1.27","v1.1.27-rc1","v1.1.28","v1.1.29-rc1","v1.1.29-rc2"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.2.1"}]},{"events":[{"introduced":"0"},{"fixed":"12.4.2"}]},{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4610.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}