Vulnerability Change Records for CVE-2016-5131

Change History

Initial CVE Analysis 9/30/2016 10:49:33 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:google:chrome:51.0.2704.106:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:apple:iphone_os:9.3.5:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:o:apple:watch_os:2.2.2:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:o:apple:apple_tv:9.2.2:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:google:chrome:51.0.2704.106:*:*:*:*:*:*:* (and previous)
Configuration 3
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:* (and previous)
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html Mailing List
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html Mailing List
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html Mailing List
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html Mailing List
Changed Reference Type
https://support.apple.com/HT207141 No Types Assigned
https://support.apple.com/HT207141 Third Party Advisory
Changed Reference Type
https://support.apple.com/HT207142 No Types Assigned
https://support.apple.com/HT207142 Third Party Advisory
Changed Reference Type
https://support.apple.com/HT207143 No Types Assigned
https://support.apple.com/HT207143 Third Party Advisory
Changed Reference Type
https://support.apple.com/HT207170 No Types Assigned
https://support.apple.com/HT207170 Third Party Advisory

Modified Analysis 7/27/2016 2:11:15 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:google:chrome:51.0.2704.106:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-416
Changed Reference Type
http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html No Types Assigned
http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html Vendor Advisory
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=1358641 No Types Assigned
https://bugzilla.redhat.com/show_bug.cgi?id=1358641 Issue Tracking
Changed Reference Type
https://codereview.chromium.org/2127493002 No Types Assigned
https://codereview.chromium.org/2127493002 Issue Tracking
Changed Reference Type
https://crbug.com/623378 No Types Assigned
https://crbug.com/623378 Permissions Required

Initial CVE Analysis 7/26/2016 8:42:00 AM

Action Type Old Value New Value

CVE Modified by MITRE 8/31/2017 9:29:28 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1036428 [No Types Assigned]

CVE Modified by MITRE 5/17/2017 9:29:01 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://source.android.com/security/bulletin/2017-05-01 [No Types Assigned]

Modified Analysis 3/26/2019 1:14:08 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to (including) 51.0.2704.106
OR
     *cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to (excluding) 52.0.2743.82
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (including) 9.3.5
     *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (including) 10.11.6
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to (including) 9.2.2
     *cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to (including) 2.2.2
OR
     *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (excluding) 10.0
     *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (excluding) 10.12
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions up to (excluding) 10.0
     *cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions up to (excluding) 3.0
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html Mailing List
http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html Mailing List, Third Party Advisory
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-1485.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-1485.html Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2016/dsa-3637 No Types Assigned
http://www.debian.org/security/2016/dsa-3637 Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/92053 No Types Assigned
http://www.securityfocus.com/bid/92053 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1036428 No Types Assigned
http://www.securitytracker.com/id/1036428 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1038623 No Types Assigned
http://www.securitytracker.com/id/1038623 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.ubuntu.com/usn/USN-3041-1 No Types Assigned
http://www.ubuntu.com/usn/USN-3041-1 Third Party Advisory
Changed Reference Type
https://bugzilla.redhat.com/show_bug.cgi?id=1358641 Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1358641 Issue Tracking, Third Party Advisory
Changed Reference Type
https://codereview.chromium.org/2127493002 Issue Tracking
https://codereview.chromium.org/2127493002 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://crbug.com/623378 Permissions Required
https://crbug.com/623378 Exploit, Issue Tracking, Mailing List, Vendor Advisory
Changed Reference Type
https://security.gentoo.org/glsa/201610-09 No Types Assigned
https://security.gentoo.org/glsa/201610-09 Third Party Advisory
Changed Reference Type
https://security.gentoo.org/glsa/201701-37 No Types Assigned
https://security.gentoo.org/glsa/201701-37 Third Party Advisory
Changed Reference Type
https://source.android.com/security/bulletin/2017-05-01 No Types Assigned
https://source.android.com/security/bulletin/2017-05-01 Third Party Advisory

CPE Deprecation Remap 3/08/2019 11:6:37 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:apple_tv:*:*:*:*:*:*:*:* versions from (including) 9.2.2
OR
     *cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* versions from (including) 9.2.2

CPE Deprecation Remap 10/30/2018 12:27:24 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:watch_os:*:*:*:*:*:*:*:* versions from (including) 2.2.2
OR
     *cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* versions from (including) 2.2.2

CVE Modified by MITRE 7/07/2017 9:29:02 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1038623 [No Types Assigned]

CVE Modified by MITRE 11/28/2016 3:22:47 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-1485.html [No Types Assigned]
Added Reference

								
							
							
						
http://www.debian.org/security/2016/dsa-3637 [No Types Assigned]
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/92053 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-3041-1 [No Types Assigned]

CVE Modified by MITRE 6/30/2017 9:29:50 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201610-09 [No Types Assigned]
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201701-37 [No Types Assigned]

CVE Modified by Source 9/26/2016 10:0:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
Added Reference

								
							
							
						
http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
Added Reference

								
							
							
						
https://support.apple.com/HT207141
Added Reference

								
							
							
						
https://support.apple.com/HT207142
Added Reference

								
							
							
						
https://support.apple.com/HT207143
Added Reference

								
							
							
						
https://support.apple.com/HT207170