Search criteria
3 vulnerabilities found for transporter by apple
VAR-201702-0263
Vulnerability from variot - Updated: 2025-04-20 23:23An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the "iTMSTransporter" component, which allows attackers to obtain sensitive information via a crafted EPUB. Apple Transporter are prone to an information-disclosure vulnerability. This may lead to further attacks. Versions prior to Apple Transporter 1.9.2 are vulnerable. Apple Transporter is a set of Java-based command-line tools for verifying metadata from Apple (Apple). iTMSTransporter is one of the components to install and run Transporter. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-12-13-8 Transporter 1.9.2
Transporter 1.9.2 is now available and addresses the following:
iTMSTransporter Available for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit), Windows 7 and later (32 bit), and Red Hat Enterprise Linux (64 bit) Impact: Parsing maliciously crafted EPUB may lead to disclosure of user information Description: An information disclosure issue existed in the parsing of EPUB. This issue was addressed through improved parsing. CVE-2016-7666: Craig Arendt of Stratum Security
Transporter 1.9.2 may be obtained from: https://itunesconnect.apple.com/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJYUD1/AAoJEIOj74w0bLRGYFYQANGsJJk34XxNyanUy0p/YDf7 bL62s4gxuNVwSlD2G054/OvsQjlXFlMlgsWDbVuj5uUffoFYdEhdL6j5t7t996V2 ledTUy84Qv5vHXuJcbuVbRhaPBGyl24Nwz5B4W7QWhARVeF4BaMNyztXdgfv6Y9N /8HzDvP4AoENuNcGdXsLq7CeWPPhUtFyHHJLVXTJXYJHG/ayTb8yLW3quhlK5DrQ E0V5uiwX5AK0MPUfGnwZRhMoOvUc7GdGFrQdpxTtd7pMjms74QICr25X//fD7kAL e6shvDmliCtCxGPMPb3/nGAcwZ0TVRSpJHxmcFdROWpzK3BcOWj0wIJgDtEs9OkY /YwoA3iWM6BUalfAz/kw1jMzm9nc35Y+U/gmt5vS81mPecZ6mMBbjsYsJylW4cEh CxAMiIRThZBlvkn7ZyV3riDUIgO2O149NytgWXLXI31VVlUlM5v2ScQywGSVtskG LDwqhb+o7q+UdYEXZlWs2sf1oYZ2wBZh+ZWqlNx3y7TZgUaoLkL38SbRSyDVdZoE WU94s5sqCRGW40WJoZ/QFkcfO/C9m/6Da5Z4DC1B3R4P4aNh4m2HPowZZE+VZfOl 08Mw7MJqfIjk5Xo8U9BoGNnxbB64htrBHuUw46jLHC9dgij/J6pF7DLOMTwC6fYQ OqI2SnPh/q9HHs1FZuFE =6p61 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "transporter",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.9.1"
},
{
"model": "transporter",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "1.9.2 (itunes producer 3.1.1)"
},
{
"model": "transporter",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "1.9.2 (os x v10.6 or later (64 bit ))"
},
{
"model": "transporter",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "1.9.2 (red hat enterprise linux (64 bit ))"
},
{
"model": "transporter",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "1.9.2 (windows 7 or later (32 bit ))"
},
{
"model": "transporter",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.9.1"
},
{
"model": "transporter",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "transporter",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "1.9.2"
}
],
"sources": [
{
"db": "BID",
"id": "94912"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
},
{
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:transporter",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Craig Arendt of Stratum Security.",
"sources": [
{
"db": "BID",
"id": "94912"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
}
],
"trust": 0.9
},
"cve": "CVE-2016-7666",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-7666",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-96486",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2016-7666",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-7666",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-7666",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-435",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-96486",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-96486"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
},
{
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the \"iTMSTransporter\" component, which allows attackers to obtain sensitive information via a crafted EPUB. Apple Transporter are prone to an information-disclosure vulnerability. This may lead to further attacks. \nVersions prior to Apple Transporter 1.9.2 are vulnerable. Apple Transporter is a set of Java-based command-line tools for verifying metadata from Apple (Apple). iTMSTransporter is one of the components to install and run Transporter. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-12-13-8 Transporter 1.9.2\n\nTransporter 1.9.2 is now available and addresses the following:\n\niTMSTransporter\nAvailable for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit),\nWindows 7 and later (32 bit), and Red Hat Enterprise Linux (64 bit)\nImpact: Parsing maliciously crafted EPUB may lead to disclosure of\nuser information\nDescription: An information disclosure issue existed in the parsing\nof EPUB. This issue was addressed through improved parsing. \nCVE-2016-7666: Craig Arendt of Stratum Security\n\nTransporter 1.9.2 may be obtained from:\nhttps://itunesconnect.apple.com/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJYUD1/AAoJEIOj74w0bLRGYFYQANGsJJk34XxNyanUy0p/YDf7\nbL62s4gxuNVwSlD2G054/OvsQjlXFlMlgsWDbVuj5uUffoFYdEhdL6j5t7t996V2\nledTUy84Qv5vHXuJcbuVbRhaPBGyl24Nwz5B4W7QWhARVeF4BaMNyztXdgfv6Y9N\n/8HzDvP4AoENuNcGdXsLq7CeWPPhUtFyHHJLVXTJXYJHG/ayTb8yLW3quhlK5DrQ\nE0V5uiwX5AK0MPUfGnwZRhMoOvUc7GdGFrQdpxTtd7pMjms74QICr25X//fD7kAL\ne6shvDmliCtCxGPMPb3/nGAcwZ0TVRSpJHxmcFdROWpzK3BcOWj0wIJgDtEs9OkY\n/YwoA3iWM6BUalfAz/kw1jMzm9nc35Y+U/gmt5vS81mPecZ6mMBbjsYsJylW4cEh\nCxAMiIRThZBlvkn7ZyV3riDUIgO2O149NytgWXLXI31VVlUlM5v2ScQywGSVtskG\nLDwqhb+o7q+UdYEXZlWs2sf1oYZ2wBZh+ZWqlNx3y7TZgUaoLkL38SbRSyDVdZoE\nWU94s5sqCRGW40WJoZ/QFkcfO/C9m/6Da5Z4DC1B3R4P4aNh4m2HPowZZE+VZfOl\n08Mw7MJqfIjk5Xo8U9BoGNnxbB64htrBHuUw46jLHC9dgij/J6pF7DLOMTwC6fYQ\nOqI2SnPh/q9HHs1FZuFE\n=6p61\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7666"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "BID",
"id": "94912"
},
{
"db": "VULHUB",
"id": "VHN-96486"
},
{
"db": "PACKETSTORM",
"id": "140158"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-7666",
"trust": 2.9
},
{
"db": "BID",
"id": "94912",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "140158",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-96486",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-96486"
},
{
"db": "BID",
"id": "94912"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "PACKETSTORM",
"id": "140158"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
},
{
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"id": "VAR-201702-0263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-96486"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:23:53.070000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "APPLE-SA-2016-12-13-8 Transporter 1.9.2",
"trust": 0.8,
"url": "https://lists.apple.com/archives/security-announce/2016/Dec/msg00010.html"
},
{
"title": "HT207432",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT207432"
},
{
"title": "HT207432",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT207432"
},
{
"title": "Apple Transporter Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66469"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-96486"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94912"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht207432"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7666"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7666"
},
{
"trust": 0.3,
"url": "https://www.apple.com/"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-us/ht201222"
},
{
"trust": 0.1,
"url": "https://itunesconnect.apple.com/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7666"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-96486"
},
{
"db": "BID",
"id": "94912"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "PACKETSTORM",
"id": "140158"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
},
{
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-96486"
},
{
"db": "BID",
"id": "94912"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"db": "PACKETSTORM",
"id": "140158"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
},
{
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-20T00:00:00",
"db": "VULHUB",
"id": "VHN-96486"
},
{
"date": "2016-12-13T00:00:00",
"db": "BID",
"id": "94912"
},
{
"date": "2017-03-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"date": "2016-12-14T17:32:22",
"db": "PACKETSTORM",
"id": "140158"
},
{
"date": "2016-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-435"
},
{
"date": "2017-02-20T08:59:04.370000",
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-22T00:00:00",
"db": "VULHUB",
"id": "VHN-96486"
},
{
"date": "2016-12-20T01:09:00",
"db": "BID",
"id": "94912"
},
{
"date": "2017-03-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007427"
},
{
"date": "2017-03-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-435"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-7666"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Transporter of iTMSTransporter Vulnerabilities that can capture important information in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007427"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-435"
}
],
"trust": 0.6
}
}
CVE-2016-7666 (GCVE-0-2016-7666)
Vulnerability from nvd – Published: 2017-02-20 08:35 – Updated: 2024-08-06 02:04
VLAI?
Summary
An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the "iTMSTransporter" component, which allows attackers to obtain sensitive information via a crafted EPUB.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT207432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the \"iTMSTransporter\" component, which allows attackers to obtain sensitive information via a crafted EPUB."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-20T10:57:01",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "94912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT207432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the \"iTMSTransporter\" component, which allows attackers to obtain sensitive information via a crafted EPUB."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94912"
},
{
"name": "https://support.apple.com/HT207432",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2016-7666",
"datePublished": "2017-02-20T08:35:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:04:56.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7666 (GCVE-0-2016-7666)
Vulnerability from cvelistv5 – Published: 2017-02-20 08:35 – Updated: 2024-08-06 02:04
VLAI?
Summary
An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the "iTMSTransporter" component, which allows attackers to obtain sensitive information via a crafted EPUB.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT207432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the \"iTMSTransporter\" component, which allows attackers to obtain sensitive information via a crafted EPUB."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-20T10:57:01",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "94912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT207432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the \"iTMSTransporter\" component, which allows attackers to obtain sensitive information via a crafted EPUB."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94912"
},
{
"name": "https://support.apple.com/HT207432",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2016-7666",
"datePublished": "2017-02-20T08:35:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:04:56.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}