Information Disclosure Vulnerability in CCrypt Function in Apple iOS and OS X

Information Disclosure Vulnerability in CCrypt Function in Apple iOS and OS X

CVE-2016-4711 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output.

Learn more about our Cis Benchmark Audit For Apple Ios.