CVE-2016-4669

Related Files

Safari Webkit For iOS 7.1.2 JIT Optimization Bug

Posted Aug 14, 2020

Authored by timwr, Ian Beer, kudima, WanderingGlitch | Site metasploit.com

This Metasploit module exploits a JIT optimization bug in Safari Webkit. This allows us to write shellcode to an RWX memory section in JavaScriptCore and execute it. The shellcode contains a kernel exploit (CVE-2016-4669) that obtains kernel rw, obtains root and disables code signing. Finally we download and execute the meterpreter payload. This module has been tested against iOS 7.1.2 on an iPhone 4.

tags | exploit, kernel, root, shellcode

systems | apple, iphone, ios

advisories | CVE-2016-4669, CVE-2018-4162

SHA-256 | 8ca4b125e9aba514f4d2bd3c12b5189f4dceafcaab577262cc602a11c87480fb

Download | Favorite | View

Mac OS X / iOS mach_ports_register Memory Safety Issues

Posted Oct 29, 2016

Authored by Google Security Research, Ian Beer

Multiple memory safety issues exist in Mac OS X and iOS inside of mach_ports_register.

tags | exploit

systems | cisco, apple, osx, ios

advisories | CVE-2016-4669

SHA-256 | 164ada40109fdf8bff76ff09d76b270061f06289e2e74b857944849bdf5cb42e

Download | Favorite | View

Apple Security Advisory 2016-10-24-5

Posted Oct 24, 2016

Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-24-5 - watchOS 3.1 is now available and addresses code execution, information disclosure, and various other vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure

systems | apple

advisories | CVE-2016-4660, CVE-2016-4664, CVE-2016-4665, CVE-2016-4669, CVE-2016-4673, CVE-2016-4675, CVE-2016-4679, CVE-2016-4680

SHA-256 | 03010c4d89859734e65a52fb3f0f18be0e1933849a9dae3b4f8573ecd3767e7a

Download | Favorite | View

Apple Security Advisory 2016-10-24-4

Posted Oct 24, 2016

Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-24-4 - tvOS 10.0.1 is now available and addresses phishing, information disclosure, code execution, and other vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure

systems | apple

advisories | CVE-2016-4660, CVE-2016-4664, CVE-2016-4665, CVE-2016-4669, CVE-2016-4673, CVE-2016-4675, CVE-2016-4677, CVE-2016-4679, CVE-2016-4680, CVE-2016-7579

SHA-256 | 8cf97ea4c246c77b3989cfb6cd8004c5f151ea63b3538383ecb66851efa37dd5

Download | Favorite | View

Apple Security Advisory 2016-10-24-2

Posted Oct 24, 2016

Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-24-2 - macOS Sierra 10.12.1 is now available and addresses code execution, privilege escalation, and various other vulnerabilities.

tags | advisory, vulnerability, code execution

systems | apple

advisories | CVE-2016-4635, CVE-2016-4660, CVE-2016-4661, CVE-2016-4662, CVE-2016-4663, CVE-2016-4667, CVE-2016-4669, CVE-2016-4671, CVE-2016-4673, CVE-2016-4674, CVE-2016-4675, CVE-2016-4678, CVE-2016-4679, CVE-2016-4682, CVE-2016-7579

SHA-256 | 329e7fab2964a6ead2b00b8b8ef210ce7b2d6f242311f20577681b8c43bcaa08

Download | Favorite | View

Apple Security Advisory 2016-10-24-1

Posted Oct 24, 2016

Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-24-1 - iOS 10.1 is now available and addresses information leaks, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution

systems | apple, ios

advisories | CVE-2016-4635, CVE-2016-4660, CVE-2016-4664, CVE-2016-4665, CVE-2016-4669, CVE-2016-4673, CVE-2016-4675, CVE-2016-4677, CVE-2016-4679, CVE-2016-4680, CVE-2016-4686, CVE-2016-7579

SHA-256 | 9f0a6f969f80f483dca826b35be26d9f6b2ebae0d4a46bd852a8c2beb5e25529

Download | Favorite | View