CVE-2016-4738

Published: 25 September 2016

libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
libxslt
Launchpad, Ubuntu, Debian
Upstream
Released (1.1.29-2)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.1.28-2.1ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.1.28-2ubuntu0.1)
Patches:
Upstream: https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880