Vulnerability detail

Vendor

Apple

Product

iOS

Published

Aug 25, 2016

EPSS

—

Description

The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.

SSVC decision points

Exploitation

active

Automatable

No

Technical impact

partial

References

• http://lists.apple.com/archives/security-announce/2016/Sep/msg00005.html
• https://blog.lookout.com/blog/2016/08/25/trident-pegasus/
• https://www.exploit-db.com/exploits/44836/
• http://www.securityfocus.com/bid/92651
• https://support.apple.com/HT207107
• http://lists.apple.com/archives/security-announce/2016/Aug/msg00000.html
• http://www.securitytracker.com/id/1036694
• http://www.securityfocus.com/bid/92965
• https://support.apple.com/HT207145