Sign-up

ID

VAR-201704-0837


CVE

CVE-2017-2463


TITLE

plural Apple Used in products WebKit Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2017-002429

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within RenderBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to achieve remote code execution under the context of the process. WebKit is prone to multiple information-disclosure and memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in the WebKit component found in several Apple products. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; Windows-based iCloud prior to 6.2; Windows-based iCloud prior to 6.2; tvOS prior to 10.2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-03-28-2 Additional information for APPLE-SA-2017-03-22-1 iTunes for Windows 12.6 iTunes for Windows 12.6 addresses the following: APNs Server Available for: Windows 7 and later Impact: An attacker in a privileged network position can track a user's activity Description: A client certificate was sent in plaintext. This issue was addressed through improved certificate handling. CVE-2017-2383: Matthias Wachs and Quirin Scheitle of Technical University Munich (TUM) Entry added March 28, 2017 iTunes Available for: Windows 7 and later Impact: Multiple issues in SQLite Description: Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2. CVE-2013-7443 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-3717 CVE-2015-6607 CVE-2016-6153 iTunes Available for: Windows 7 and later Impact: Multiple issues in expat Description: Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0. CVE-2009-3270 CVE-2009-3560 CVE-2009-3720 CVE-2012-1147 CVE-2012-1148 CVE-2012-6702 CVE-2015-1283 CVE-2016-0718 CVE-2016-4472 CVE-2016-5300 libxslt Available for: Windows 7 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-5029: Holger Fuhrmannek Entry added March 28, 2017 WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-2463: Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative Entry added March 28, 2017 WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A validation issue existed in element handling. This issue was addressed through improved validation. CVE-2017-2479: lokihardt of Google Project Zero CVE-2017-2480: lokihardt of Google Project Zero Entry added March 28, 2017 Installation note: iTunes for Windows 12.6 may be obtained from: https://www.apple.com/itunes/download/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJY2sl6AAoJEIOj74w0bLRGEMAQAJjPU9+iTIEs0o4EfazvmkXj /zLRgzdfr1kp9Iu90U/ZxgnAO3ZUqEF/6FWy6dN3zSA7AlP7q+zFlxXqbkoJB+eX sE+vGilHWZ8p2Qud9EikwDKCvLNn/4xYQ9Nm0jCwA14VBS1dBlOrFUlsnM9EoS9/ YKks/NSYV9jtLgKvc42SeTks62tLL5ZQGMKv+Gg0HH2Yeug2eAHGb+u5vYCHTcER AMTKKQtr57IJyz2tg7YZGWvbKIS2690CpIyZGxpbUCKv+dNdEPsDTNHjjpzwMBtc diSIIX8AC6T0nWbrOFtWqhhFyWk6rZAWb8RvDYYd/a6ro7hxYq8xZATBS2BJFskp esMHBuFYgDwIeJiGaCW07UyJzyzDck7pesJeq7gqF+O5Fl6bdHN4b8rNmVtBvDom g7tkwSE9+ZmiPUMJGF2NUWNb4+yY0OPm3Uq2kvoyXl5KGmEaFMoDnPzKIdPmE+b+ lJZUYgQSXlO6B7uz+MBx2ntH1uhIrAdKhFiePYj/lujNB3lTij5zpCOLyivdEXZw iJHX211+FpS8VV1/dHOjgbYnvnw4wofbPN63dkYvwgwwWy7VISThXQuMqtDW/wOE 9h0me2NkZRxQ845p4MaLPqZQFi1WcU4/PbcBBb0CvBwlnonYP/YRnyQrNWx+36Fo VkUmhXDNi0csm+QTi7ZP =hPjT -----END PGP SIGNATURE-----

Trust: 2.79

sources: NVD: CVE-2017-2463 // JVNDB: JVNDB-2017-002429 // ZDI: ZDI-17-241 // BID: 97176 // VULHUB: VHN-110666 // PACKETSTORM: 141936 // PACKETSTORM: 141937

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:10.3

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:6.2

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:10.2

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.6

Trust: 1.0

vendor:applemodel:safariscope:ltversion:10.1

Trust: 1.0

vendor:applemodel:icloudscope:eqversion:6.1.1

Trust: 0.9

vendor:applemodel:icloudscope:ltversion:6.2 (windows 7 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10.3 (ipad first 4 after generation )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10.3 (iphone 5 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:10.3 (ipod touch first 6 after generation )

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:for windows 12.6 (windows 7 or later )

Trust: 0.8

vendor:applemodel:safariscope:ltversion:10.1 (macos sierra 10.12.4)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:10.1 (os x el capitan v10.11.6)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:10.1 (os x yosemite v10.10.5)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:10.2 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:safariscope: - version: -

Trust: 0.7

vendor:applemodel:tvscope:eqversion:10.1.1

Trust: 0.6

vendor:applemodel:iphone osscope:eqversion:10.2.1

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.5.5.5

Trust: 0.6

vendor:applemodel:safariscope:eqversion:10.0.3

Trust: 0.6

vendor:webkitmodel:open source project webkitscope:eqversion:0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.5.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.5.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.4.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.3.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.3.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.2.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.1.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.1.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.1.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.1.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.1.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.0.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.0.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.6.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.6.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.1.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.5.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.5.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:12.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.0.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:11.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.7

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.6

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.4.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.3.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.1.1.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.1.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10

Trust: 0.3

vendor:applemodel:icloudscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:icloudscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:icloudscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:itunesscope:neversion:12.6

Trust: 0.3

vendor:applemodel:icloudscope:neversion:6.2

Trust: 0.3

sources: ZDI: ZDI-17-241 // BID: 97176 // JVNDB: JVNDB-2017-002429 // CNNVD: CNNVD-201703-1341 // NVD: CVE-2017-2463

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-2463
value: HIGH

Trust: 1.0

NVD: CVE-2017-2463
value: HIGH

Trust: 0.8

ZDI: CVE-2017-2463
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201703-1341
value: HIGH

Trust: 0.6

VULHUB: VHN-110666
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-2463
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

VULHUB: VHN-110666
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-2463
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-17-241 // VULHUB: VHN-110666 // JVNDB: JVNDB-2017-002429 // CNNVD: CNNVD-201703-1341 // NVD: CVE-2017-2463

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.9

sources: VULHUB: VHN-110666 // JVNDB: JVNDB-2017-002429 // NVD: CVE-2017-2463

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1341

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201703-1341

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-002429

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:HT207601url:https://support.apple.com/en-us/HT207601
Trust: 0.8
title:HT207607url:https://support.apple.com/en-us/HT207607
Trust: 0.8
title:HT207617url:https://support.apple.com/en-us/HT207617
Trust: 0.8
title:HT207599url:https://support.apple.com/en-us/HT207599
Trust: 0.8
title:HT207600url:https://support.apple.com/en-us/HT207600
Trust: 0.8
title:HT207599url:https://support.apple.com/ja-jp/HT207599
Trust: 0.8
title:HT207600url:https://support.apple.com/ja-jp/HT207600
Trust: 0.8
title:HT207601url:https://support.apple.com/ja-jp/HT207601
Trust: 0.8
title:HT207607url:https://support.apple.com/ja-jp/HT207607
Trust: 0.8
title:HT207617url:https://support.apple.com/ja-jp/HT207617
Trust: 0.8
title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/kb/HT201222
Trust: 0.7
title:Multiple Apple product WebKit Fixes for component security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68868
Trust: 0.6
sources:
            
            
            ZDI: ZDI-17-241 // 
            
            
            
            JVNDB: JVNDB-2017-002429 // 
            
            
            
            CNNVD: CNNVD-201703-1341

EXTERNAL IDS
db:NVDid:CVE-2017-2463
Trust: 3.7
db:ZDIid:ZDI-17-241
Trust: 2.4
db:BIDid:97176
Trust: 2.0
db:SECTRACKid:1038157
Trust: 1.7
db:JVNid:JVNVU90482935
Trust: 0.8
db:JVNDBid:JVNDB-2017-002429
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-4452
Trust: 0.7
db:CNNVDid:CNNVD-201703-1341
Trust: 0.7
db:VULHUBid:VHN-110666
Trust: 0.1
db:PACKETSTORMid:141936
Trust: 0.1
db:PACKETSTORMid:141937
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-241 // 
            
            
            
            VULHUB: VHN-110666 // 
            
            
            
            BID: 97176 // 
            
            
            
            JVNDB: JVNDB-2017-002429 // 
            
            
            
            PACKETSTORM: 141936 // 
            
            
            
            PACKETSTORM: 141937 // 
            
            
            
            CNNVD: CNNVD-201703-1341 // 
            
            
            
            NVD: CVE-2017-2463

REFERENCES
url:http://www.securityfocus.com/bid/97176
Trust: 1.7
url:https://support.apple.com/ht207599
Trust: 1.7
url:https://support.apple.com/ht207600
Trust: 1.7
url:https://support.apple.com/ht207601
Trust: 1.7
url:https://support.apple.com/ht207607
Trust: 1.7
url:https://support.apple.com/ht207617
Trust: 1.7
url:http://zerodayinitiative.com/advisories/zdi-17-241/
Trust: 1.7
url:http://www.securitytracker.com/id/1038157
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2017-2463
Trust: 1.0
url:https://support.apple.com/kb/ht201222
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2463
Trust: 0.8
url:http://jvn.jp/vu/jvnvu90482935/index.html
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2017-2480
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2017-2479
Trust: 0.2
url:https://www.apple.com/support/security/pgp/
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2017-5029
Trust: 0.2
url:http://gpgtools.org
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2017-2383
Trust: 0.2
url:https://support.apple.com/ht204283
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-5300
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-0718
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-3720
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-6153
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3415
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-3270
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-6607
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-3560
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3416
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-1283
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3717
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2015-3414
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-7443
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-6702
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-4472
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1148
Trust: 0.1
url:https://www.apple.com/itunes/download/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1147
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-241 // 
            
            
            
            VULHUB: VHN-110666 // 
            
            
            
            BID: 97176 // 
            
            
            
            JVNDB: JVNDB-2017-002429 // 
            
            
            
            PACKETSTORM: 141936 // 
            
            
            
            PACKETSTORM: 141937 // 
            
            
            
            CNNVD: CNNVD-201703-1341 // 
            
            
            
            NVD: CVE-2017-2463

CREDITS
Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab and lokihardt of Google Project Zero
Trust: 0.9
sources:
            
            
            BID: 97176 // 
            
            
            
            CNNVD: CNNVD-201703-1341

SOURCES
db:ZDIid:ZDI-17-241
db:VULHUBid:VHN-110666
db:BIDid:97176
db:JVNDBid:JVNDB-2017-002429
db:PACKETSTORMid:141936
db:PACKETSTORMid:141937
db:CNNVDid:CNNVD-201703-1341
db:NVDid:CVE-2017-2463

LAST UPDATE DATE
2024-11-23T19:29:09.559000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-17-241date:2017-03-30T00:00:00
db:VULHUBid:VHN-110666date:2019-03-19T00:00:00
db:BIDid:97176date:2017-04-04T00:01:00
db:JVNDBid:JVNDB-2017-002429date:2017-04-13T00:00:00
db:CNNVDid:CNNVD-201703-1341date:2019-03-13T00:00:00
db:NVDid:CVE-2017-2463date:2024-11-21T03:23:34.613

SOURCES RELEASE DATE
db:ZDIid:ZDI-17-241date:2017-03-30T00:00:00
db:VULHUBid:VHN-110666date:2017-04-02T00:00:00
db:BIDid:97176date:2017-03-28T00:00:00
db:JVNDBid:JVNDB-2017-002429date:2017-04-13T00:00:00
db:PACKETSTORMid:141936date:2017-03-28T23:02:22
db:PACKETSTORMid:141937date:2017-03-28T23:44:44
db:CNNVDid:CNNVD-201703-1341date:2017-03-31T00:00:00
db:NVDid:CVE-2017-2463date:2017-04-02T01:59:03.090