Details of VAR-201704-0798

ID

VAR-201704-0798

CVE

CVE-2017-2475

TITLE

plural Apple Used in products WebKit Vulnerable to universal cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2017-002334

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities. Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple vulnerabilities Date: June 07, 2017 Bugs: #543650, #573656, #577068, #608958, #614876, #619788 ID: 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Impact ====== A remote attack can use multiple vectors to execute arbitrary code or cause a denial of service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4" References ========== [ 1 ] CVE-2015-2330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330 [ 2 ] CVE-2015-7096 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096 [ 3 ] CVE-2015-7098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098 [ 4 ] CVE-2016-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723 [ 5 ] CVE-2016-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724 [ 6 ] CVE-2016-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725 [ 7 ] CVE-2016-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726 [ 8 ] CVE-2016-1727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727 [ 9 ] CVE-2016-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728 [ 10 ] CVE-2016-4692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692 [ 11 ] CVE-2016-4743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743 [ 12 ] CVE-2016-7586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586 [ 13 ] CVE-2016-7587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587 [ 14 ] CVE-2016-7589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589 [ 15 ] CVE-2016-7592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592 [ 16 ] CVE-2016-7598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598 [ 17 ] CVE-2016-7599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599 [ 18 ] CVE-2016-7610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610 [ 19 ] CVE-2016-7611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611 [ 20 ] CVE-2016-7623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623 [ 21 ] CVE-2016-7632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632 [ 22 ] CVE-2016-7635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635 [ 23 ] CVE-2016-7639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639 [ 24 ] CVE-2016-7640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640 [ 25 ] CVE-2016-7641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641 [ 26 ] CVE-2016-7642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642 [ 27 ] CVE-2016-7645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645 [ 28 ] CVE-2016-7646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646 [ 29 ] CVE-2016-7648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648 [ 30 ] CVE-2016-7649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649 [ 31 ] CVE-2016-7652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652 [ 32 ] CVE-2016-7654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654 [ 33 ] CVE-2016-7656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656 [ 34 ] CVE-2016-9642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642 [ 35 ] CVE-2016-9643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643 [ 36 ] CVE-2017-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350 [ 37 ] CVE-2017-2354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354 [ 38 ] CVE-2017-2355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355 [ 39 ] CVE-2017-2356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356 [ 40 ] CVE-2017-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362 [ 41 ] CVE-2017-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363 [ 42 ] CVE-2017-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364 [ 43 ] CVE-2017-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365 [ 44 ] CVE-2017-2366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366 [ 45 ] CVE-2017-2367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367 [ 46 ] CVE-2017-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369 [ 47 ] CVE-2017-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371 [ 48 ] CVE-2017-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373 [ 49 ] CVE-2017-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376 [ 50 ] CVE-2017-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377 [ 51 ] CVE-2017-2386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386 [ 52 ] CVE-2017-2392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392 [ 53 ] CVE-2017-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394 [ 54 ] CVE-2017-2395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395 [ 55 ] CVE-2017-2396 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396 [ 56 ] CVE-2017-2405 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405 [ 57 ] CVE-2017-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415 [ 58 ] CVE-2017-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419 [ 59 ] CVE-2017-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433 [ 60 ] CVE-2017-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442 [ 61 ] CVE-2017-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445 [ 62 ] CVE-2017-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446 [ 63 ] CVE-2017-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447 [ 64 ] CVE-2017-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454 [ 65 ] CVE-2017-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455 [ 66 ] CVE-2017-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457 [ 67 ] CVE-2017-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459 [ 68 ] CVE-2017-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460 [ 69 ] CVE-2017-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464 [ 70 ] CVE-2017-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465 [ 71 ] CVE-2017-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466 [ 72 ] CVE-2017-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468 [ 73 ] CVE-2017-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469 [ 74 ] CVE-2017-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470 [ 75 ] CVE-2017-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471 [ 76 ] CVE-2017-2475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475 [ 77 ] CVE-2017-2476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476 [ 78 ] CVE-2017-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481 [ 79 ] CVE-2017-2496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496 [ 80 ] CVE-2017-2504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504 [ 81 ] CVE-2017-2505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505 [ 82 ] CVE-2017-2506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506 [ 83 ] CVE-2017-2508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508 [ 84 ] CVE-2017-2510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510 [ 85 ] CVE-2017-2514 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514 [ 86 ] CVE-2017-2515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515 [ 87 ] CVE-2017-2521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521 [ 88 ] CVE-2017-2525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525 [ 89 ] CVE-2017-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526 [ 90 ] CVE-2017-2528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528 [ 91 ] CVE-2017-2530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530 [ 92 ] CVE-2017-2531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531 [ 93 ] CVE-2017-2536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536 [ 94 ] CVE-2017-2539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539 [ 95 ] CVE-2017-2544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544 [ 96 ] CVE-2017-2547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547 [ 97 ] CVE-2017-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549 [ 98 ] CVE-2017-6980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980 [ 99 ] CVE-2017-6984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201706-15 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--

Trust: 2.16

sources: NVD: CVE-2017-2475 // JVNDB: JVNDB-2017-002334 // BID: 97130 // VULHUB: VHN-110678 // VULMON: CVE-2017-2475 // PACKETSTORM: 142825

AFFECTED PRODUCTS

vendor:	apple	model:	tvos	scope:	lt	version:	10.2	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	10.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	lt	version:	10.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	10.0.3	Trust: 0.9
vendor:	apple	model:	ios	scope:	lt	version:	10.3 (ipad first 4 after generation )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.3 (iphone 5 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.3 (ipod touch first 6 after generation )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (macos sierra 10.12.4)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (os x el capitan v10.11.6)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (os x yosemite v10.10.5)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	10.2 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	tv	scope:	eq	version:	10.1.1	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	10.2.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.31	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	ne	version:	10.1	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.4	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	10.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1.1	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.6	Trust: 0.3
vendor:	ubuntu	model:	linux	scope:	eq	version:	16.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.5	Trust: 0.3
vendor:	apple	model:	tvos	scope:	ne	version:	10.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.34	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.52	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.31	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.28	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.5	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	ubuntu	model:	linux lts	scope:	eq	version:	16.04	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.33	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.30	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3

sources: BID: 97130 // JVNDB: JVNDB-2017-002334 // CNNVD: CNNVD-201704-106 // NVD: CVE-2017-2475

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-2475
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-2475
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201704-106
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-110678
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2017-2475
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-2475
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-110678
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-2475
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-110678 // VULMON: CVE-2017-2475 // JVNDB: JVNDB-2017-002334 // CNNVD: CNNVD-201704-106 // NVD: CVE-2017-2475

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-110678 // JVNDB: JVNDB-2017-002334 // NVD: CVE-2017-2475

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 142825 // CNNVD: CNNVD-201704-106

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201704-106

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002334

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	HT207617	url:	https://support.apple.com/en-us/HT207617	Trust: 0.8
title:	HT207600	url:	https://support.apple.com/en-us/HT207600	Trust: 0.8
title:	HT207601	url:	https://support.apple.com/en-us/HT207601	Trust: 0.8
title:	HT207600	url:	https://support.apple.com/ja-jp/HT207600	Trust: 0.8
title:	HT207601	url:	https://support.apple.com/ja-jp/HT207601	Trust: 0.8
title:	HT207617	url:	https://support.apple.com/ja-jp/HT207617	Trust: 0.8
title:	Multiple Apple product WebKit Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68999	Trust: 0.6
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2017-2475	Trust: 0.1
title:	Apple: tvOS 10.2	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=96152d4695ab80cff7cf110b4458ab10	Trust: 0.1
title:	Apple: Safari 10.1	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=5c4ba20f7a3a0bac6dc3db074ec0daa4	Trust: 0.1
title:	Ubuntu Security Notice: webkit2gtk vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3257-1	Trust: 0.1
title:	Apple: iOS 10.3	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=e3eec66a6152b7f2dac0fe21bb8ee9cd	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201704-9] webkit2gtk: multiple issues	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201704-9	Trust: 0.1
title:	uxss-db	url:	https://github.com/Metnew/uxss-db	Trust: 0.1
title:	tensorflow	url:	https://github.com/elmasryelec/tensorflow	Trust: 0.1
title:	uxss-db	url:	https://github.com/0xR0/uxss-db	Trust: 0.1
title:	Exp101tsArchiv30thers	url:	https://github.com/nu11secur1ty/Exp101tsArchiv30thers	Trust: 0.1
title:	awesome-cve-poc_qazbnm456	url:	https://github.com/xbl3/awesome-cve-poc_qazbnm456	Trust: 0.1

sources: VULMON: CVE-2017-2475 // JVNDB: JVNDB-2017-002334 // CNNVD: CNNVD-201704-106

EXTERNAL IDS

db:	NVD	id:	CVE-2017-2475	Trust: 3.0
db:	BID	id:	97130	Trust: 2.1
db:	SECTRACK	id:	1038137	Trust: 1.8
db:	JVN	id:	JVNVU90482935	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-002334	Trust: 0.8
db:	CNNVD	id:	CNNVD-201704-106	Trust: 0.7
db:	VULHUB	id:	VHN-110678	Trust: 0.1
db:	VULMON	id:	CVE-2017-2475	Trust: 0.1
db:	PACKETSTORM	id:	142825	Trust: 0.1

sources: VULHUB: VHN-110678 // VULMON: CVE-2017-2475 // BID: 97130 // JVNDB: JVNDB-2017-002334 // PACKETSTORM: 142825 // CNNVD: CNNVD-201704-106 // NVD: CVE-2017-2475

REFERENCES

url:	http://www.securityfocus.com/bid/97130	Trust: 1.9
url:	https://security.gentoo.org/glsa/201706-15	Trust: 1.9
url:	https://support.apple.com/ht207600	Trust: 1.8
url:	https://support.apple.com/ht207601	Trust: 1.8
url:	https://support.apple.com/ht207617	Trust: 1.8
url:	http://www.securitytracker.com/id/1038137	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2475	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu90482935/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-2475	Trust: 0.8
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3
url:	https://www.apple.com/osx/	Trust: 0.3
url:	http://www.apple.com/safari/download/	Trust: 0.3
url:	http://www.webkit.org/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/79.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://security.archlinux.org/cve-2017-2475	Trust: 0.1
url:	https://support.apple.com/kb/ht207601	Trust: 0.1
url:	https://usn.ubuntu.com/3257-1/	Trust: 0.1
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=53194	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7096	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2394	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7652	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2363	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2457	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2386	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7587	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2350	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2366	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7589	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2466	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2475	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7586	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7654	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2442	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7646	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7586	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2367	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7599	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2373	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2530	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2459	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7611	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7598	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7611	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2465	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6980	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2454	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2455	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7656	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2544	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2354	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9643	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4692	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2447	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2377	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2464	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7632	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1728	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2470	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7648	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2365	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2506	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7646	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1728	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7589	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7587	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2549	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2471	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2526	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7639	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1726	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4743	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7598	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2514	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2515	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2521	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2539	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2369	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7632	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2460	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2371	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7623	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2419	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2481	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7645	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2364	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2469	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7096	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7642	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2468	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7645	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2505	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2510	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1723	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7610	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6984	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7610	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4692	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2547	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7098	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2476	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2376	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1723	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2405	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2395	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7639	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2362	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7599	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2396	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7649	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2525	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2433	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7098	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9642	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2445	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2356	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7623	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2504	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2508	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2531	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2528	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4743	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2496	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7642	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1726	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2392	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2446	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2355	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7592	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2536	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-2330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7592	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2415	Trust: 0.1

sources: VULHUB: VHN-110678 // VULMON: CVE-2017-2475 // BID: 97130 // JVNDB: JVNDB-2017-002334 // PACKETSTORM: 142825 // CNNVD: CNNVD-201704-106 // NVD: CVE-2017-2475

CREDITS

lokihardt of Google Project Zero, Andr&eacute; Bargull, Apple, Ivan Fratric of Google Project Zero, Natalie Silvanovich of Google Project Zero, Jeonghoon Shin, Zheng Huang and Wei Yuan of Baidu Security Lab, 0011 working with Trend Micro's Zero Day Ini

Trust: 0.3

sources: BID: 97130

SOURCES

db:	VULHUB	id:	VHN-110678
db:	VULMON	id:	CVE-2017-2475
db:	BID	id:	97130
db:	JVNDB	id:	JVNDB-2017-002334
db:	PACKETSTORM	id:	142825
db:	CNNVD	id:	CNNVD-201704-106
db:	NVD	id:	CVE-2017-2475

LAST UPDATE DATE

2024-11-23T19:54:23.165000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-110678	date:	2019-03-25T00:00:00
db:	VULMON	id:	CVE-2017-2475	date:	2019-03-25T00:00:00
db:	BID	id:	97130	date:	2017-06-08T08:02:00
db:	JVNDB	id:	JVNDB-2017-002334	date:	2017-04-12T00:00:00
db:	CNNVD	id:	CNNVD-201704-106	date:	2019-03-13T00:00:00
db:	NVD	id:	CVE-2017-2475	date:	2024-11-21T03:23:36.083

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-110678	date:	2017-04-02T00:00:00
db:	VULMON	id:	CVE-2017-2475	date:	2017-04-02T00:00:00
db:	BID	id:	97130	date:	2017-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2017-002334	date:	2017-04-12T00:00:00
db:	PACKETSTORM	id:	142825	date:	2017-06-07T14:18:30
db:	CNNVD	id:	CNNVD-201704-106	date:	2017-04-06T00:00:00
db:	NVD	id:	CVE-2017-2475	date:	2017-04-02T01:59:03.543