ID

VAR-201707-1152

CVE

CVE-2017-7049

TITLE

plural Apple Used in products WebKit Vulnerable to arbitrary code execution

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-6 iTunes 12.6.2 iTunes 12.6.2 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: An access issue was addressed with additional restrictions. CVE-2017-7053: an anonymous researcher working with Trend Micro's Zero Day Initiative libxml2 Available for: Windows 7 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGu+8QAJFXygjh/tXHHRgutWMJ8oVt HGnjco28J9CE15LWYGc40imbEd+QQyAa3zOLwLqIgJ3HUJ2GCrazFiffNa3VQ0BL wraZmXFO9JuC4w25sniApMqxjiGj8SWWelgZTkWJHIfKQi5D1EvB/6FLILIUVdUM v0qH1CtDzsMnO09hoAMDlW8AU5DdWqClb7mV6xENvHbpSvlvD8Z/eNmUxjcY2ANz s2vcplw9i/Ub3Hyx+U1BznPZrGr0X1H5XmIQZ7SL4OYPi6lF0ykzqjcVkIO05r7u y+a+2wVA+4f51n9zLXbg/vCmwiXTOdyQ4MoAaeZcv09e+fxgmjbKvjDt4275ufV5 67icnaMdQLlcXdQOnEsg/92NdcoXBDyVRwJiXyGldRWZhtmJRmEebiQtUshlN72q RtNjxYvXvMIBGxWKZDWP3+4DvGYF9n9TsJUboIS7WuG5GwmjiCj/j/HsNVvTIVhr TWUxuJeZFYUdPzq0yP7JmDZT4rWO4ckHZNW4UIKqhUKGNm6abTajQCifextqVWNx fIKL6H0LzmwmR5jXkFHAY2Ki/qePNNS7MYoVMGCdTnA2492MGhPvnaVsHOOPUK88 DNNonfAHH7WRJTW6JVl/Y3fxGo0vYZdI7lgnXKEbYrMrebtx65Qgfa2iHqey3q7N vbPy12ncIWblI58V+3Re =6kNI -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer error

CONFIGURATIONS

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

lokihardt of Google Project Zero, Zhiyang Zeng of Tencent Security Platform Department, likemeng of Baidu Security Lab, chenqin of Ant-financial Light-Year Security Lab, Ivan Fratric of Google Project Zero

SOURCES

LAST UPDATE DATE

2024-11-23T19:57:35.785000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE