Search for vulnerabilities
Vulnerability details: VCID-7bvq-pfjf-aaaa
Vulnerability ID VCID-7bvq-pfjf-aaaa
Aliases CVE-2016-4657
Summary WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Status Published
Exploitability 2.0
Weighted Severity 7.9
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-787 Out-of-bounds Write
System Score Found at
cvssv3.1 8.8 http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html
generic_textual Medium http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html
ssvc Attend http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4657.html
epss 0.68099 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.68099 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.68099 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.68099 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.76364 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.77493 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.77493 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.77493 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78136 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78192 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78192 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78192 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78192 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78192 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78192 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.78858 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
epss 0.79219 https://api.first.org/data/v1/epss?cve=CVE-2016-4657
cvssv3.1 8.8 https://blog.lookout.com/blog/2016/08/25/trident-pegasus/
ssvc Attend https://blog.lookout.com/blog/2016/08/25/trident-pegasus/
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4657
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2016-4657
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2016-4657
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2016-4657
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2016-4657
cvssv3.1 8.8 https://support.apple.com/HT207107
generic_textual Medium https://support.apple.com/HT207107
ssvc Attend https://support.apple.com/HT207107
generic_textual Medium https://ubuntu.com/security/notices/USN-3166-1
generic_textual Medium https://webkitgtk.org/security/WSA-2016-0006.html
cvssv3.1 8.8 https://www.exploit-db.com/exploits/44836/
ssvc Attend https://www.exploit-db.com/exploits/44836/
cvssv3.1 8.8 https://www.youtube.com/watch?v=xkdPjbaLngE
ssvc Attend https://www.youtube.com/watch?v=xkdPjbaLngE
cvssv3.1 8.8 http://www.securityfocus.com/bid/92653
ssvc Attend http://www.securityfocus.com/bid/92653
cvssv3.1 8.8 http://www.securitytracker.com/id/1036694
ssvc Attend http://www.securitytracker.com/id/1036694
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4657.html
https://api.first.org/data/v1/epss?cve=CVE-2016-4657
https://blog.lookout.com/blog/2016/08/25/trident-pegasus/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4657
https://support.apple.com/HT207107
https://ubuntu.com/security/notices/USN-3166-1
https://webkitgtk.org/security/WSA-2016-0006.html
https://www.exploit-db.com/exploits/44836/
https://www.youtube.com/watch?v=xkdPjbaLngE
http://www.securityfocus.com/bid/92653
http://www.securitytracker.com/id/1036694
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
CVE-2016-4657 Exploit https://github.com/LiveOverflow/lo_nintendoswitch/tree/f69ac68de64480de6be4b38b091c1bdad2a88d1c
CVE-2016-4657 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/dos/44213.html
CVE-2016-4657 https://nvd.nist.gov/vuln/detail/CVE-2016-4657
CVE-2016-4657;CVE-2016-4656;CVE-2016-4655 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/44836.rb
CVE-2016-4657;CVE-2016-4656;CVE-2016-4655 Exploit https://raw.githubusercontent.com/rapid7/metasploit-framework/61a98b94b62c8ae33148f8d9a21d07fd1bbe8745/modules/exploits/apple_ios/browser/webkit_trident.rb
USN-3166-1 https://usn.ubuntu.com/3166-1/
Data source Exploit-DB
Date added June 5, 2018
Description WebKit - not_number defineProperties UAF (Metasploit)
Ransomware campaign use Known
Source publication date June 5, 2018
Exploit type remote
Platform ios
Source update date June 5, 2018
Source URL https://raw.githubusercontent.com/rapid7/metasploit-framework/61a98b94b62c8ae33148f8d9a21d07fd1bbe8745/modules/exploits/apple_ios/browser/webkit_trident.rb
Data source Metasploit
Description This module exploits a UAF vulnerability in WebKit's JavaScriptCore library.
Note 
Stability:
  - crash-service-down
SideEffects:
  - ioc-in-logs
Reliability:
  - unreliable-session
Ransomware campaign use Unknown
Source publication date Aug. 25, 2016
Platform Apple_iOS
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/apple_ios/browser/webkit_trident.rb
Data source KEV
Date added May 24, 2022
Description Apple iOS WebKit contains a memory corruption vulnerability that allows attackers to execute remote code or cause a denial-of-service (DoS) via a crafted web site. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required action Apply updates per vendor instructions.
Due date June 14, 2022
Note 
https://nvd.nist.gov/vuln/detail/CVE-2016-4657
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:45:08Z/ Found at http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://blog.lookout.com/blog/2016/08/25/trident-pegasus/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:45:08Z/ Found at https://blog.lookout.com/blog/2016/08/25/trident-pegasus/
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-4657
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-4657
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-4657
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-4657
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/HT207107
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:45:08Z/ Found at https://support.apple.com/HT207107
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.exploit-db.com/exploits/44836/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:45:08Z/ Found at https://www.exploit-db.com/exploits/44836/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.youtube.com/watch?v=xkdPjbaLngE
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:45:08Z/ Found at https://www.youtube.com/watch?v=xkdPjbaLngE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/92653
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:45:08Z/ Found at http://www.securityfocus.com/bid/92653
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securitytracker.com/id/1036694
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:45:08Z/ Found at http://www.securitytracker.com/id/1036694
Exploit Prediction Scoring System (EPSS)
Percentile 0.98138
EPSS Score 0.68099
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.