Details of VAR-201704-0804

ID

VAR-201704-0804

CVE

CVE-2017-2481

TITLE

plural Apple Used in products WebKit Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2017-002336

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS , Safari ,and tvOS Used in etc. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of ElementData objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to achieve remote code execution under the context of the current process. WebKit is prone to multiple security vulnerabilities. Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A memory corruption vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple vulnerabilities Date: June 07, 2017 Bugs: #543650, #573656, #577068, #608958, #614876, #619788 ID: 201706-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4" References ========== [ 1 ] CVE-2015-2330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330 [ 2 ] CVE-2015-7096 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096 [ 3 ] CVE-2015-7098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098 [ 4 ] CVE-2016-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723 [ 5 ] CVE-2016-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724 [ 6 ] CVE-2016-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725 [ 7 ] CVE-2016-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726 [ 8 ] CVE-2016-1727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727 [ 9 ] CVE-2016-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728 [ 10 ] CVE-2016-4692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692 [ 11 ] CVE-2016-4743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743 [ 12 ] CVE-2016-7586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586 [ 13 ] CVE-2016-7587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587 [ 14 ] CVE-2016-7589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589 [ 15 ] CVE-2016-7592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592 [ 16 ] CVE-2016-7598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598 [ 17 ] CVE-2016-7599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599 [ 18 ] CVE-2016-7610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610 [ 19 ] CVE-2016-7611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611 [ 20 ] CVE-2016-7623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623 [ 21 ] CVE-2016-7632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632 [ 22 ] CVE-2016-7635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635 [ 23 ] CVE-2016-7639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639 [ 24 ] CVE-2016-7640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640 [ 25 ] CVE-2016-7641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641 [ 26 ] CVE-2016-7642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642 [ 27 ] CVE-2016-7645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645 [ 28 ] CVE-2016-7646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646 [ 29 ] CVE-2016-7648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648 [ 30 ] CVE-2016-7649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649 [ 31 ] CVE-2016-7652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652 [ 32 ] CVE-2016-7654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654 [ 33 ] CVE-2016-7656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656 [ 34 ] CVE-2016-9642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642 [ 35 ] CVE-2016-9643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643 [ 36 ] CVE-2017-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350 [ 37 ] CVE-2017-2354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354 [ 38 ] CVE-2017-2355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355 [ 39 ] CVE-2017-2356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356 [ 40 ] CVE-2017-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362 [ 41 ] CVE-2017-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363 [ 42 ] CVE-2017-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364 [ 43 ] CVE-2017-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365 [ 44 ] CVE-2017-2366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366 [ 45 ] CVE-2017-2367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367 [ 46 ] CVE-2017-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369 [ 47 ] CVE-2017-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371 [ 48 ] CVE-2017-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373 [ 49 ] CVE-2017-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376 [ 50 ] CVE-2017-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377 [ 51 ] CVE-2017-2386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386 [ 52 ] CVE-2017-2392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392 [ 53 ] CVE-2017-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394 [ 54 ] CVE-2017-2395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395 [ 55 ] CVE-2017-2396 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396 [ 56 ] CVE-2017-2405 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405 [ 57 ] CVE-2017-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415 [ 58 ] CVE-2017-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419 [ 59 ] CVE-2017-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433 [ 60 ] CVE-2017-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442 [ 61 ] CVE-2017-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445 [ 62 ] CVE-2017-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446 [ 63 ] CVE-2017-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447 [ 64 ] CVE-2017-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454 [ 65 ] CVE-2017-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455 [ 66 ] CVE-2017-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457 [ 67 ] CVE-2017-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459 [ 68 ] CVE-2017-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460 [ 69 ] CVE-2017-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464 [ 70 ] CVE-2017-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465 [ 71 ] CVE-2017-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466 [ 72 ] CVE-2017-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468 [ 73 ] CVE-2017-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469 [ 74 ] CVE-2017-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470 [ 75 ] CVE-2017-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471 [ 76 ] CVE-2017-2475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475 [ 77 ] CVE-2017-2476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476 [ 78 ] CVE-2017-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481 [ 79 ] CVE-2017-2496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496 [ 80 ] CVE-2017-2504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504 [ 81 ] CVE-2017-2505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505 [ 82 ] CVE-2017-2506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506 [ 83 ] CVE-2017-2508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508 [ 84 ] CVE-2017-2510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510 [ 85 ] CVE-2017-2514 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514 [ 86 ] CVE-2017-2515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515 [ 87 ] CVE-2017-2521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521 [ 88 ] CVE-2017-2525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525 [ 89 ] CVE-2017-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526 [ 90 ] CVE-2017-2528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528 [ 91 ] CVE-2017-2530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530 [ 92 ] CVE-2017-2531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531 [ 93 ] CVE-2017-2536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536 [ 94 ] CVE-2017-2539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539 [ 95 ] CVE-2017-2544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544 [ 96 ] CVE-2017-2547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547 [ 97 ] CVE-2017-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549 [ 98 ] CVE-2017-6980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980 [ 99 ] CVE-2017-6984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201706-15 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--

Trust: 2.7

sources: NVD: CVE-2017-2481 // JVNDB: JVNDB-2017-002336 // ZDI: ZDI-17-191 // BID: 97130 // VULHUB: VHN-110684 // PACKETSTORM: 142825

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	lte	version:	10.2.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	lte	version:	10.0.3	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lte	version:	10.1.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	10.0.3	Trust: 0.9
vendor:	apple	model:	ios	scope:	lt	version:	10.3 (ipad first 4 after generation )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.3 (iphone 5 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.3 (ipod touch first 6 after generation )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (macos sierra 10.12.4)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (os x el capitan v10.11.6)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (os x yosemite v10.10.5)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	10.2 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	safari	scope:	-	version:	-	Trust: 0.7
vendor:	apple	model:	tv	scope:	eq	version:	10.1.1	Trust: 0.6
vendor:	apple	model:	iphone os	scope:	eq	version:	10.2.1	Trust: 0.6
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.31	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	ne	version:	10.1	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.4	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	10.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1.1	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.11.6	Trust: 0.3
vendor:	ubuntu	model:	linux	scope:	eq	version:	16.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.5	Trust: 0.3
vendor:	apple	model:	tvos	scope:	ne	version:	10.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.34	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.52	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.31	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.28	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.5	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	ubuntu	model:	linux lts	scope:	eq	version:	16.04	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.33	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.30	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	tvos	scope:	eq	version:	9.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.10.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3

sources: ZDI: ZDI-17-191 // BID: 97130 // JVNDB: JVNDB-2017-002336 // CNNVD: CNNVD-201704-110 // NVD: CVE-2017-2481

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-2481
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-2481
value:	HIGH
Trust: 0.8
ZDI:	CVE-2017-2481
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201704-110
value:	HIGH
Trust: 0.6
VULHUB:	VHN-110684
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-2481
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.5
VULHUB:	VHN-110684
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-2481
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: ZDI: ZDI-17-191 // VULHUB: VHN-110684 // JVNDB: JVNDB-2017-002336 // CNNVD: CNNVD-201704-110 // NVD: CVE-2017-2481

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-110684 // JVNDB: JVNDB-2017-002336 // NVD: CVE-2017-2481

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 142825 // CNNVD: CNNVD-201704-110

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201704-110

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002336

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	HT207617	url:	https://support.apple.com/en-us/HT207617	Trust: 0.8
title:	HT207600	url:	https://support.apple.com/en-us/HT207600	Trust: 0.8
title:	HT207601	url:	https://support.apple.com/en-us/HT207601	Trust: 0.8
title:	HT207600	url:	https://support.apple.com/ja-jp/HT207600	Trust: 0.8
title:	HT207601	url:	https://support.apple.com/ja-jp/HT207601	Trust: 0.8
title:	HT207617	url:	https://support.apple.com/ja-jp/HT207617	Trust: 0.8
title:	Apple has issued an update to correct this vulnerability.	url:	https://support.apple.com/kb/HT201222	Trust: 0.7
title:	Multiple Apple product WebKit Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69003	Trust: 0.6

sources: ZDI: ZDI-17-191 // JVNDB: JVNDB-2017-002336 // CNNVD: CNNVD-201704-110

EXTERNAL IDS

db:	NVD	id:	CVE-2017-2481	Trust: 3.6
db:	ZDI	id:	ZDI-17-191	Trust: 2.4
db:	BID	id:	97130	Trust: 2.0
db:	SECTRACK	id:	1038137	Trust: 1.7
db:	JVN	id:	JVNVU90482935	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-002336	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-4454	Trust: 0.7
db:	CNNVD	id:	CNNVD-201704-110	Trust: 0.7
db:	VULHUB	id:	VHN-110684	Trust: 0.1
db:	PACKETSTORM	id:	142825	Trust: 0.1

sources: ZDI: ZDI-17-191 // VULHUB: VHN-110684 // BID: 97130 // JVNDB: JVNDB-2017-002336 // PACKETSTORM: 142825 // CNNVD: CNNVD-201704-110 // NVD: CVE-2017-2481

REFERENCES

url:	https://security.gentoo.org/glsa/201706-15	Trust: 1.8
url:	http://www.securityfocus.com/bid/97130	Trust: 1.7
url:	https://support.apple.com/ht207600	Trust: 1.7
url:	https://support.apple.com/ht207601	Trust: 1.7
url:	https://support.apple.com/ht207617	Trust: 1.7
url:	http://zerodayinitiative.com/advisories/zdi-17-191/	Trust: 1.7
url:	http://www.securitytracker.com/id/1038137	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2481	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu90482935/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-2481	Trust: 0.8
url:	https://support.apple.com/kb/ht201222	Trust: 0.7
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3
url:	https://www.apple.com/osx/	Trust: 0.3
url:	http://www.apple.com/safari/download/	Trust: 0.3
url:	http://www.webkit.org/	Trust: 0.3
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7096	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2394	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7652	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2363	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2457	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2386	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7587	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2350	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2366	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7589	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2466	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2475	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7586	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7654	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2442	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7646	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7586	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2367	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7599	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2373	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2530	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2459	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7611	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7598	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7611	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2465	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6980	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2454	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2455	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7656	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2544	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2354	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9643	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4692	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2447	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2377	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2464	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7632	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1728	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2470	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7648	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2365	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2506	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7646	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1728	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7589	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7587	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2549	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2471	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2526	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7639	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1726	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4743	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7598	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2514	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2515	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2521	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2539	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2369	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7632	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2460	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2371	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7623	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2419	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2481	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7645	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2364	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2469	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7096	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7642	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2468	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7645	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2505	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2510	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1723	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7610	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6984	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7610	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4692	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2547	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-7098	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2476	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2376	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1723	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2405	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2395	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7639	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2362	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7599	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2396	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7649	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2525	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2433	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7098	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9642	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2445	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2356	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7623	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2504	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2508	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2531	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2528	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4743	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7635	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2496	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7642	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1726	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2392	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2446	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2355	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7592	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2536	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-2330	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-7592	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2415	Trust: 0.1

sources: ZDI: ZDI-17-191 // VULHUB: VHN-110684 // BID: 97130 // JVNDB: JVNDB-2017-002336 // PACKETSTORM: 142825 // CNNVD: CNNVD-201704-110 // NVD: CVE-2017-2481

CREDITS

0011

Trust: 0.7

sources: ZDI: ZDI-17-191

SOURCES

db:	ZDI	id:	ZDI-17-191
db:	VULHUB	id:	VHN-110684
db:	BID	id:	97130
db:	JVNDB	id:	JVNDB-2017-002336
db:	PACKETSTORM	id:	142825
db:	CNNVD	id:	CNNVD-201704-110
db:	NVD	id:	CVE-2017-2481

LAST UPDATE DATE

2024-11-23T20:54:04.265000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-191	date:	2017-03-28T00:00:00
db:	VULHUB	id:	VHN-110684	date:	2019-03-08T00:00:00
db:	BID	id:	97130	date:	2017-06-08T08:02:00
db:	JVNDB	id:	JVNDB-2017-002336	date:	2017-04-12T00:00:00
db:	CNNVD	id:	CNNVD-201704-110	date:	2019-03-13T00:00:00
db:	NVD	id:	CVE-2017-2481	date:	2024-11-21T03:23:36.830

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-17-191	date:	2017-03-28T00:00:00
db:	VULHUB	id:	VHN-110684	date:	2017-04-02T00:00:00
db:	BID	id:	97130	date:	2017-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2017-002336	date:	2017-04-12T00:00:00
db:	PACKETSTORM	id:	142825	date:	2017-06-07T14:18:30
db:	CNNVD	id:	CNNVD-201704-110	date:	2017-04-07T00:00:00
db:	NVD	id:	CVE-2017-2481	date:	2017-04-02T01:59:03.793