CWE-264

CWE-264 Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

CVE-2016-4654

CVE-2016-4654 IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. (CWE-119 , CWE-264) CVSS v2.0 Severity and Metrics: Base Score: 9.3 HIGH Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C CVSS v3.0 Severity and Metrics: Base Score: 7.8 HIGH Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-119

CWE-119 The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Certain languages allow direct addressing of memory locations and do not automatically ensure that these locations are valid for the memory buffer that is being […]

CVE-2016-1717

CVE-2016-1717 The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. (CWE-119) CVSS v2.0 Severity and Metrics: Base Score: 7.2 HIGH Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C CVSS v3.0 Severity and Metrics: Base Score: 7.8 […]