Sign-up

ID

VAR-201710-1352


CVE

CVE-2017-7074


TITLE

Apple macOS of AppSandbox Service disruption in components (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2017-009368

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app. Apple macOS of AppSandbox Component has a service disruption (DoS) There are vulnerabilities that are put into a state.Denial of service operations through a specially crafted application by an attacker (DoS) There is a possibility of being put into a state. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. The AppSandbox component is one of the sandboxing system components that provides the operating system with the means to limit the use of system resources by applications. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-25-1 macOS High Sierra 10.13 macOS High Sierra 10.13 is now available and addresses the following: Application Firewall Available for: OS X Lion v10.8 and later Impact: A previously denied application firewall setting may take effect after upgrading Description: An upgrade issue existed in the handling of firewall settings. This issue was addressed through improved handling of firewall settings during upgrades. CVE-2017-7084: an anonymous researcher AppSandbox Available for: OS X Lion v10.8 and later Impact: An application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7074: Daniel Jalkut of Red Sweater Software Captive Network Assistant Available for: OS X Lion v10.8 and later Impact: A local user may unknowingly send a password unencrypted over the network Description: The security state of the captive portal browser was not obvious. This issue was addressed with improved visibility of the captive portal browser security state. CVE-2017-7143: an anonymous researcher CFNetwork Proxies Available for: OS X Lion v10.8 and later Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7083: Abhinav Bansal of Zscaler Inc. CoreAudio Available for: OS X Lion v10.8 and later Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4. CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro Directory Utility Available for: OS X Lion v10.8 and later Impact: A local attacker may be able to determine the Apple ID of the owner of the computer Description: A permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls. CVE-2017-7138: an anonymous researcher file Available for: OS X Lion v10.8 and later Impact: Multiple issues in file Description: Multiple issues were addressed by updating to version 5.30. CVE-2017-7121: found by OSS-Fuzz CVE-2017-7122: found by OSS-Fuzz CVE-2017-7123: found by OSS-Fuzz CVE-2017-7124: found by OSS-Fuzz CVE-2017-7125: found by OSS-Fuzz CVE-2017-7126: found by OSS-Fuzz Heimdal Available for: OS X Lion v10.8 and later Impact: An attacker in a privileged network position may be able to impersonate a service Description: A validation issue existed in the handling of the KDC- REP service name. This issue was addressed through improved validation. CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams IOFireWireFamily Available for: OS X Lion v10.8 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7077: Brandon Azad IOFireWireFamily Available for: OS X Lion v10.8 and later Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7119: Xiaolong Bai, Min (Spark) Zheng of Alibaba Inc., Benjamin Gnahm (@mitp0sh) of PDX Kernel Available for: OS X Lion v10.8 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7114: Alex Plaskett of MWR InfoSecurity libc Available for: OS X Lion v10.8 and later Impact: A remote attacker may be able to cause a denial-of-service Description: A resource exhaustion issue in glob() was addressed through an improved algorithm. CVE-2017-7086: Russ Cox of Google libc Available for: OS X Lion v10.8 and later Impact: An application may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-1000373 libexpat Available for: OS X Lion v10.8 and later Impact: Multiple issues in expat Description: Multiple issues were addressed by updating to version 2.2.1 CVE-2016-9063 CVE-2017-9233 Mail Available for: OS X Lion v10.8 and later Impact: The sender of an email may be able to determine the IP address of the recipient Description: Turning off "Load remote content in messages" did not apply to all mailboxes. This issue was addressed with improved setting propagation. CVE-2017-7141: an anonymous researcher Mail Drafts Available for: OS X Lion v10.8 and later Impact: An attacker with a privileged network position may be able to intercept mail contents Description: An encryption issue existed in the handling of mail drafts. This issue was addressed with improved handling of mail drafts meant to be sent encrypted. CVE-2017-7078: an anonymous researcher, an anonymous researcher, an anonymous researcher ntp Available for: OS X Lion v10.8 and later Impact: Multiple issues in ntp Description: Multiple issues were addressed by updating to version 4.2.8p10 CVE-2017-6451: Cure53 CVE-2017-6452: Cure53 CVE-2017-6455: Cure53 CVE-2017-6458: Cure53 CVE-2017-6459: Cure53 CVE-2017-6460: Cure53 CVE-2017-6462: Cure53 CVE-2017-6463: Cure53 CVE-2017-6464: Cure53 CVE-2016-9042: Matthew Van Gundy of Cisco Screen Lock Available for: OS X Lion v10.8 and later Impact: Application Firewall prompts may appear over Login Window Description: A window management issue was addressed through improved state management. CVE-2017-7082: Tim Kingman Security Available for: OS X Lion v10.8 and later Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation. CVE-2017-7080: Sven Driemecker of adesso mobile solutions gmbh, Rune Darrud (@theflyingcorpse) of BA|rum kommune, an anonymous researcher, an anonymous researcher SQLite Available for: OS X Lion v10.8 and later Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3. CVE-2017-10989: found by OSS-Fuzz CVE-2017-7128: found by OSS-Fuzz CVE-2017-7129: found by OSS-Fuzz CVE-2017-7130: found by OSS-Fuzz SQLite Available for: OS X Lion v10.8 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7127: an anonymous researcher WebKit Available for: OS X Lion v10.8 and later Impact: A malicious website may be able to track users in Safari private browsing mode Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. CVE-2017-7144: an anonymous researcher zlib Available for: OS X Lion v10.8 and later Impact: Multiple issues in zlib Description: Multiple issues were addressed by updating to version 1.2.11. CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Additional recognition Security We would like to acknowledge Abhinav Bansal of Zscaler, Inc. for their assistance. Installation note: macOS 10.13 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZyUQfAAoJEIOj74w0bLRGmSEP/0wgqASRSNneoBx/AMLk0Qac mZhI8HuyJRTFwCOT7P7vkZTmoxtyOOdh4XaInvKMsW5I2G64YEmW86pcofHwdOTz TSWIAdus34xErUZ13rMzfg8Z3XAberG1E31QU2y2EXenpJSZIL8nzLgt8ySPVyzu PrQJxGxCMq1WAOSemGe+4rK2rMwpw5UDZyTbNPDi6lfKz0ZmtfvBzrgBq2xhA9iF /2NVs5rRog38N6F6xR6GNqi0dVoZmh1umQINh9nzTn8crbSuI3ixRtQYxstxU91/ 0wrgV03YF297n6bwVhawEDPU8obZzFgQRiKOjghE6h4YBVccWxMI9n42PwVc+G/Z X48wuSavpOEV6WEC+hWtALl/W73uH3jF2iK8rPBcDENheRlFi/y5+XeOK8TGJftS 6raj+IgbgERaY3uXcRoi0mLflpzxvGBYlTiJRRj7H7HFZO6v14hYyEMVrWmhFUiZ Xgy/qxHdWd/NW4AZz8Ke+ZMaJr21DozzI8ejug9shD7O/N31ZNq2qsNmxEweCPvt yMauTPAUutApHTEUXfwCdOy+ZGgTtWDnOC+g3ezkAOdigvjFcwlFH0Sbjxnhxbbp LVLz7tHwyKa5Xcwet0ZRH3WCHBsTzzkpsgxoyEMabE2KGS461uZw20t2uZozNsV0 bniy26PJZ5xGrFOSZYUa =wBKW -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2017-7074 // JVNDB: JVNDB-2017-009368 // BID: 100993 // VULHUB: VHN-115277 // PACKETSTORM: 144366

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.12.6

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.8 or later 10.13

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.12.6

Trust: 0.6

vendor:applemodel:macosscope:eqversion:10.12.6

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.5

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.4

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.3

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.2

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.1

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:applemodel:macosscope:neversion:10.13

Trust: 0.3

sources: BID: 100993 // JVNDB: JVNDB-2017-009368 // CNNVD: CNNVD-201710-1092 // NVD: CVE-2017-7074

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-7074
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-7074
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201710-1092
value: MEDIUM

Trust: 0.6

VULHUB: VHN-115277
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-7074
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-115277
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-7074
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-115277 // JVNDB: JVNDB-2017-009368 // CNNVD: CNNVD-201710-1092 // NVD: CVE-2017-7074

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-115277 // JVNDB: JVNDB-2017-009368 // NVD: CVE-2017-7074

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-1092

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201710-1092

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-009368

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:HT208144url:https://support.apple.com/en-us/HT208144
Trust: 0.8
title:HT208144url:https://support.apple.com/ja-jp/HT208144
Trust: 0.8
title:Apple macOS High Sierra AppSandbox Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75951
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-009368 // 
            
            
            
            CNNVD: CNNVD-201710-1092

EXTERNAL IDS
db:NVDid:CVE-2017-7074
Trust: 2.9
db:BIDid:100993
Trust: 1.4
db:SECTRACKid:1039427
Trust: 1.1
db:JVNid:JVNVU99806334
Trust: 0.8
db:JVNDBid:JVNDB-2017-009368
Trust: 0.8
db:CNNVDid:CNNVD-201710-1092
Trust: 0.7
db:VULHUBid:VHN-115277
Trust: 0.1
db:PACKETSTORMid:144366
Trust: 0.1
sources:
            
            
            VULHUB: VHN-115277 // 
            
            
            
            BID: 100993 // 
            
            
            
            JVNDB: JVNDB-2017-009368 // 
            
            
            
            PACKETSTORM: 144366 // 
            
            
            
            CNNVD: CNNVD-201710-1092 // 
            
            
            
            NVD: CVE-2017-7074

REFERENCES
url:https://support.apple.com/ht208144
Trust: 1.7
url:http://www.securityfocus.com/bid/100993
Trust: 1.1
url:http://www.securitytracker.com/id/1039427
Trust: 1.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7074
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7074
Trust: 0.8
url:http://jvn.jp/vu/jvnvu99806334/index.html
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2017-7114
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-10989
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7080
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7078
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6451
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-0381
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6460
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7077
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-9842
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6459
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-1000373
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7083
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6458
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-11103
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-9042
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6463
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7082
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6455
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6452
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6462
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-9840
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7084
Trust: 0.1
url:https://www.apple.com/support/downloads/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-9063
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-9841
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-7086
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-6464
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-9843
Trust: 0.1
sources:
            
            
            VULHUB: VHN-115277 // 
            
            
            
            BID: 100993 // 
            
            
            
            JVNDB: JVNDB-2017-009368 // 
            
            
            
            PACKETSTORM: 144366 // 
            
            
            
            CNNVD: CNNVD-201710-1092 // 
            
            
            
            NVD: CVE-2017-7074

CREDITS
Daniel Jalkut of Red Sweater Software, Brandon Azad, Tim Kingman, Xiaolong Bai, Min (Spark) Zheng of Alibaba Inc., Benjamin Gnahm (@mitp0sh) of PDX.
Trust: 0.3
sources:
            
            
            BID: 100993

SOURCES
db:VULHUBid:VHN-115277
db:BIDid:100993
db:JVNDBid:JVNDB-2017-009368
db:PACKETSTORMid:144366
db:CNNVDid:CNNVD-201710-1092
db:NVDid:CVE-2017-7074

LAST UPDATE DATE
2024-11-23T19:49:30.768000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-115277date:2017-10-26T00:00:00
db:BIDid:100993date:2017-09-25T00:00:00
db:JVNDBid:JVNDB-2017-009368date:2017-11-09T00:00:00
db:CNNVDid:CNNVD-201710-1092date:2017-10-24T00:00:00
db:NVDid:CVE-2017-7074date:2024-11-21T03:31:07.210

SOURCES RELEASE DATE
db:VULHUBid:VHN-115277date:2017-10-23T00:00:00
db:BIDid:100993date:2017-09-25T00:00:00
db:JVNDBid:JVNDB-2017-009368date:2017-11-09T00:00:00
db:PACKETSTORMid:144366date:2017-09-28T00:13:55
db:CNNVDid:CNNVD-201710-1092date:2017-10-24T00:00:00
db:NVDid:CVE-2017-7074date:2017-10-23T01:29:11.440