ID

VAR-201707-1151

CVE

CVE-2017-7048

TITLE

plural Apple Used in products WebKit Vulnerable to arbitrary code execution

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. =========================================================================== Ubuntu Security Notice USN-3376-1 August 02, 2017 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3376-1 CVE-2017-2538, CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.17.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.16.04.1 --mEItETklS4NmgqhBw701JL9Mli0Gg3IPs-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-4 tvOS 10.2.2 tvOS 10.2.2 is now available and addresses the following: Contacts Available for: Apple TV (4th generation) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team IOUSBFamily Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher CVE-2017-7026: an anonymous researcher Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher libarchive Available for: Apple TV (4th generation) Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: Apple TV (4th generation) Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department Wi-Fi Available for: Apple TV (4th generation) Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRG94QP/Avj0tRTG+Ld6urUIeOKNNLt 98QOLh6sjPwu3wWKG3D/gIZFvR1jxEkPbwm7XRieaWpLlBQPSBTf5yvTcAcCot9z dANfWoigyII12dX5QXTh0wbTcf1mpcVgLWwEwljnSlEDxvRVUtSV08La/wJSbNqb H0B88xo6cBfm1icR/JYVB1P75oNAS0YNWmV2klJ0eJEnlU1zhWSOEc5Zb5PKjpud 65BGwEZF7fowT1vnbGA58ZSmo/vYWt2VpG1w5aicQP97C3YvgkXo9m2ia7UXMj9h +/qlRGjl8hH0ltQTGvJBEdiyPl7hbbvldL8+LFVpigD+YPT8xD3rTaqe9FuxGcrA 3UVgKbwvtfgJ/F87X1zBV8c/YmGuRXaAsbu+7Pkeb3Cn+cBJ1G0wt12MFbxm+8ZU tylpn/nqAcB6PhmEmIcSj6OkTJTi8daiep/4/Dq1S/cWfXKzXFnjyM8lpqTM0Osl 7uPgnQ0TuNF03pp+Ix6+B42MCVbUssxF60sWCujUkwbdp9I99KxR5TvrLtXUN5xX eQMZSlVRE6FoozNv8SdZwpMYhaWArloMfUrW5xQN8UCOlbtG83sBng1J2P9xTL6q OROFoSN8g33RcIrMdmH21P+R+J85DEj/1xWH/UHvAZZcj21IzKDbk4oagc5GB+Kv 2abirE4zVCVena/2l/KV =M8lR -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer error

CONFIGURATIONS

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Apple

SOURCES

LAST UPDATE DATE

2024-11-23T21:00:02.854000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE