Details of VAR-201705-3985

ID

VAR-201705-3985

CVE

CVE-2017-6981

TITLE

Apple iOS and OS X of iBooks Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2017-003807

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that uses symlinks. Apple iOS and macOS are prone to multiple security vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Apple iOS is an operating system developed for mobile devices; macOS Sierra is a dedicated operating system developed for Mac computers

Trust: 1.98

sources: NVD: CVE-2017-6981 // JVNDB: JVNDB-2017-003807 // BID: 98472 // VULHUB: VHN-115184

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.4	Trust: 1.4
vendor:	apple	model:	mac os x	scope:	lte	version:	10.12.4	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lte	version:	10.3.1	Trust: 1.0
vendor:	apple	model:	ios	scope:	lt	version:	10.3.2 (ipad first 4 generation or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.3.2 (iphone 5 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	10.3.2 (ipod touch first 6 generation )	Trust: 0.8
vendor:	apple	model:	iphone os	scope:	eq	version:	10.3.1	Trust: 0.6
vendor:	apple	model:	macos	scope:	eq	version:	10.12.4	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12.3	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12.2	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12.1	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.12	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	50	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	40	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	30	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.8	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.6	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2.10	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	macos	scope:	ne	version:	10.12.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	10.3.2	Trust: 0.3

sources: BID: 98472 // JVNDB: JVNDB-2017-003807 // CNNVD: CNNVD-201705-969 // NVD: CVE-2017-6981

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6981
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6981
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201705-969
value:	HIGH
Trust: 0.6
VULHUB:	VHN-115184
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-6981
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-115184
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6981
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-115184 // JVNDB: JVNDB-2017-003807 // CNNVD: CNNVD-201705-969 // NVD: CVE-2017-6981

PROBLEMTYPE DATA

problemtype:	CWE-59	Trust: 1.1
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-115184 // JVNDB: JVNDB-2017-003807 // NVD: CVE-2017-6981

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201705-969

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-201705-969

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-003807

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	HT207797	url:	https://support.apple.com/en-us/HT207797	Trust: 0.8
title:	HT207798	url:	https://support.apple.com/en-us/HT207798	Trust: 0.8
title:	HT207797	url:	https://support.apple.com/ja-jp/HT207797	Trust: 0.8
title:	HT207798	url:	https://support.apple.com/ja-jp/HT207798	Trust: 0.8
title:	Apple iOS and macOS Sierra iBooks Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70445	Trust: 0.6

sources: JVNDB: JVNDB-2017-003807 // CNNVD: CNNVD-201705-969

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6981	Trust: 2.8
db:	SECTRACK	id:	1038484	Trust: 1.7
db:	JVN	id:	JVNVU98089541	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-003807	Trust: 0.8
db:	CNNVD	id:	CNNVD-201705-969	Trust: 0.7
db:	BID	id:	98472	Trust: 0.3
db:	VULHUB	id:	VHN-115184	Trust: 0.1

sources: VULHUB: VHN-115184 // BID: 98472 // JVNDB: JVNDB-2017-003807 // CNNVD: CNNVD-201705-969 // NVD: CVE-2017-6981

REFERENCES

url:	https://support.apple.com/ht207797	Trust: 1.7
url:	https://support.apple.com/ht207798	Trust: 1.7
url:	http://www.securitytracker.com/id/1038484	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6981	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu98089541/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6981	Trust: 0.8
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3

sources: VULHUB: VHN-115184 // BID: 98472 // JVNDB: JVNDB-2017-003807 // CNNVD: CNNVD-201705-969 // NVD: CVE-2017-6981

CREDITS

Jun Kokatsu (@shhnjk), evi1m0 of YSRC (sec.ly.com), and Chaitin Security Research Lab (@ChaitinTech)

Trust: 0.3

sources: BID: 98472

SOURCES

db:	VULHUB	id:	VHN-115184
db:	BID	id:	98472
db:	JVNDB	id:	JVNDB-2017-003807
db:	CNNVD	id:	CNNVD-201705-969
db:	NVD	id:	CVE-2017-6981

LAST UPDATE DATE

2025-04-20T21:17:54.031000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-115184	date:	2019-10-03T00:00:00
db:	BID	id:	98472	date:	2017-05-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-003807	date:	2017-06-08T00:00:00
db:	CNNVD	id:	CNNVD-201705-969	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-6981	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-115184	date:	2017-05-22T00:00:00
db:	BID	id:	98472	date:	2017-05-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-003807	date:	2017-06-08T00:00:00
db:	CNNVD	id:	CNNVD-201705-969	date:	2017-05-24T00:00:00
db:	NVD	id:	CVE-2017-6981	date:	2017-05-22T05:29:02.770