Details of VAR-201804-1059

ID

VAR-201804-1059

CVE

CVE-2017-7071

TITLE

Apple Safari Used in etc. Webkit Vulnerability in arbitrary code execution in components

Trust: 0.8

sources: JVNDB: JVNDB-2017-013125

DESCRIPTION

An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of HTMLSlotElement objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. WebKit is prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome

Trust: 2.61

sources: NVD: CVE-2017-7071 // JVNDB: JVNDB-2017-013125 // ZDI: ZDI-17-714 // BID: 100613 // VULHUB: VHN-115274

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	lt	version:	10.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	5.0.5	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	10.0.3	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	9.1.3	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	9.1.1	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	9.0.2	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	9.1	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	9.0.3	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	8.0.8	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	8.0.6	Trust: 0.9
vendor:	apple	model:	safari	scope:	eq	version:	9.0.1	Trust: 0.9
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (macos sierra 10.12.4)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (os x el capitan 10.11.6)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	10.1 (os x yosemite 10.10.5)	Trust: 0.8
vendor:	apple	model:	safari	scope:	-	version:	-	Trust: 0.7
vendor:	apple	model:	safari	scope:	eq	version:	7.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.31	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	ne	version:	10.1	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.34	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.52	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.31	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.28	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.33	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.8	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.30	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.10	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	7.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	9.1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3.2.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.5	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	8.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	4.0.2	Trust: 0.3

sources: ZDI: ZDI-17-714 // BID: 100613 // JVNDB: JVNDB-2017-013125 // CNNVD: CNNVD-201709-539 // NVD: CVE-2017-7071

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7071
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-7071
value:	HIGH
Trust: 0.8
ZDI:	CVE-2017-7071
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201709-539
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-115274
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-7071
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.5
VULHUB:	VHN-115274
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7071
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: ZDI: ZDI-17-714 // VULHUB: VHN-115274 // JVNDB: JVNDB-2017-013125 // CNNVD: CNNVD-201709-539 // NVD: CVE-2017-7071

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-115274 // JVNDB: JVNDB-2017-013125 // NVD: CVE-2017-7071

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-539

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201709-539

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-013125

PATCH

title:	HT207600	url:	https://support.apple.com/en-us/HT207600	Trust: 0.8
title:	HT207600	url:	https://support.apple.com/ja-jp/HT207600	Trust: 0.8
title:	Apple has issued an update to correct this vulnerability.	url:	https://support.apple.com/HT207600	Trust: 0.7
title:	WebKit Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74745	Trust: 0.6

sources: ZDI: ZDI-17-714 // JVNDB: JVNDB-2017-013125 // CNNVD: CNNVD-201709-539

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7071	Trust: 3.5
db:	BID	id:	100613	Trust: 2.0
db:	ZDI	id:	ZDI-17-714	Trust: 1.0
db:	JVNDB	id:	JVNDB-2017-013125	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-4521	Trust: 0.7
db:	CNNVD	id:	CNNVD-201709-539	Trust: 0.7
db:	VULHUB	id:	VHN-115274	Trust: 0.1

sources: ZDI: ZDI-17-714 // VULHUB: VHN-115274 // BID: 100613 // JVNDB: JVNDB-2017-013125 // CNNVD: CNNVD-201709-539 // NVD: CVE-2017-7071

REFERENCES

url:	https://support.apple.com/ht207600	Trust: 2.4
url:	http://www.securityfocus.com/bid/100613	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7071	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7071	Trust: 0.8
url:	http://www.apple.com/safari/	Trust: 0.3
url:	http://www.webkit.org/	Trust: 0.3
url:	https://support.apple.com/en-us/ht207600	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-17-714/	Trust: 0.3

sources: ZDI: ZDI-17-714 // VULHUB: VHN-115274 // BID: 100613 // JVNDB: JVNDB-2017-013125 // CNNVD: CNNVD-201709-539 // NVD: CVE-2017-7071

CREDITS

Kai Kang(a.k.a 4B5F5F4B) of Tencent's Xuanwu LAB

Trust: 0.9

sources: BID: 100613 // CNNVD: CNNVD-201709-539

SOURCES

db:	ZDI	id:	ZDI-17-714
db:	VULHUB	id:	VHN-115274
db:	BID	id:	100613
db:	JVNDB	id:	JVNDB-2017-013125
db:	CNNVD	id:	CNNVD-201709-539
db:	NVD	id:	CVE-2017-7071

LAST UPDATE DATE

2024-11-23T23:05:08.210000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-714	date:	2017-09-05T00:00:00
db:	VULHUB	id:	VHN-115274	date:	2018-04-27T00:00:00
db:	BID	id:	100613	date:	2017-08-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-013125	date:	2018-06-01T00:00:00
db:	CNNVD	id:	CNNVD-201709-539	date:	2017-09-13T00:00:00
db:	NVD	id:	CVE-2017-7071	date:	2024-11-21T03:31:06.963

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-17-714	date:	2017-09-05T00:00:00
db:	VULHUB	id:	VHN-115274	date:	2018-04-03T00:00:00
db:	BID	id:	100613	date:	2017-08-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-013125	date:	2018-06-01T00:00:00
db:	CNNVD	id:	CNNVD-201709-539	date:	2017-08-23T00:00:00
db:	NVD	id:	CVE-2017-7071	date:	2018-04-03T06:29:02.093