Vulnerability Change Records for CVE-2016-4609

Change History

CVE Modified by Apple Inc. 7/22/2019 3:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html [No Types Assigned]

Modified Analysis 3/20/2019 9:27:02 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:* versions up to (excluding) 5.2.1
          *cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:* versions up to (excluding) 12.4.2
     OR
          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (excluding) 9.3.3
     *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (excluding) 10.11.6
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.2
     *cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to (excluding) 2.2.2
Changed CPE Configuration
AND
     OR
          *cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
     OR
          cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:* versions up to (including) 5.2
          cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:* versions up to (including) 12.4.1
          cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (including) 9.3.2
          cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (including) 10.11.5
          cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to (including) 9.2.1
          cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to (including) 2.2.1
OR
     *cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html Mailing List, Vendor Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html Mailing List, Vendor Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html Mailing List, Vendor Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html Mailing List, Vendor Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Mailing List, Vendor Advisory
Changed Reference Type
http://www.securityfocus.com/bid/91826 No Types Assigned
http://www.securityfocus.com/bid/91826 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1036348 No Types Assigned
http://www.securitytracker.com/id/1036348 Third Party Advisory, VDB Entry

Initial CVE Analysis 7/26/2016 4:53:21 PM

Action Type Old Value New Value

CVE Modified by Apple Inc. 11/28/2016 3:19:34 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/91826 [No Types Assigned]

CVE Modified by Apple Inc. 6/18/2019 4:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/ [No Types Assigned]

CPE Deprecation Remap 3/08/2019 11:6:37 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:apple_tv:*:*:*:*:*:*:*:* versions from (including) 9.2.1
OR
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions from (including) 9.2.1

Modified Analysis 10/09/2020 2:32:31 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.29
Removed CVSS V3
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

								
						
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Changed Reference Type
https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html No Types Assigned
https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html Mailing List, Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/ Third Party Advisory

CVE Modified by Apple Inc. 8/31/2017 9:29:25 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1036348 [No Types Assigned]