VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201707-1175 CVE-2017-7017 Apple macOS of Intel Graphics Driver Component vulnerable to arbitrary code execution in privileged context CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7016: riusksk (ae3aY=) of Tencent Security Platform Department afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7033: riusksk (ae3aY=) of Tencent Security Platform Department AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team Audio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc. CVE-2017-7054: Lufeng Li of Qihoo 360 Vulcan Team, Alex Plaskett of MWR InfoSecurity Contacts Available for: macOS Sierra 10.12.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team curl Available for: macOS Sierra 10.12.5 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to version 7.54.0. CVE-2016-9586 CVE-2016-9594 CVE-2017-2629 CVE-2017-7468 Foundation Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7014: Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team IOUSBFamily Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7026: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team kext tools Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team libarchive Available for: macOS Sierra 10.12.5 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7047: Ian Beer of Google Project Zero Wi-Fi Available for: macOS Sierra 10.12.5 Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Additional recognition curl We would like to acknowledge Dave Murdock of Tangerine Element for their assistance. Installation note: macOS 10.12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGe3QP/2EYqCofq3zbIdr8qyzqkFea S7TLjRwnRulKBO4/Cj4Qfkc5wp8g4gd6qs0SjpfHIMw5XWwwGSxtljQ+zPhd8Zie AtwDPcjNpNKzcdgs1guEUwkv9gLgDbS6xbCUEnld00lURTAWxtMEP3Ue5chaJMn7 GpYQx8ZDZ15D8cjbtvIYHjmhTEutiqWB0EAcEvuM3ov54oC7qlu7vpXzevcLw9j6 YwZZJz2MSIlhpQh466qBr1Eay+EdTF69D0F18Jlpx9M+QejpHBLy08vk3UypXkqs Jjf/FmqrSuSZrPwU+WOYaps6AvZ+pDMnJIBuWDw1BaI5hrx3KA8eyGSlzedTM7DG r+myZHjIt4EOuSK6rOyZnmTLJM7/gWOm4CpPPbyDNd10nJm5oDWuZnqMlBcC4X/8 99ks/lXKbxtwTVL4AHDb0+rKJ2N9Try5togURREkAC5cI/97+zKzQ9Qobu4iC8MN Yo9dwDDP77vxANrGAUbEJSAWBR+tkLJw1jIJhIXeb/Hhayw4J02qo6RzO9bMotcx RhsNAr3ZN/REBBzinUR13o605W7I3ktRZlc1K8aVQqj4doRLCUAw0TJXs2/4pkKI hdueKoFsS66nbgoThU6VmAkyPfYubvJuDEaZ5wzS1CZOHZSr2Hy5//YfY9UhRcBu RN8FF9CraIvShvn0urgd =wnAu -----END PGP SIGNATURE-----
VAR-201707-1174 CVE-2017-7016 Apple macOS of afclip Vulnerability in arbitrary code execution in components CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "afclip" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. The afclip component is one of the file verification analysis components. A memory corruption vulnerability exists in the afclip component of Apple macOS Sierra prior to 10.12.6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7033: riusksk (ae3aY=) of Tencent Security Platform Department AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team Audio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc. CVE-2017-7054: Lufeng Li of Qihoo 360 Vulcan Team, Alex Plaskett of MWR InfoSecurity Contacts Available for: macOS Sierra 10.12.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team curl Available for: macOS Sierra 10.12.5 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to version 7.54.0. CVE-2016-9586 CVE-2016-9594 CVE-2017-2629 CVE-2017-7468 Foundation Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7014: Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team IOUSBFamily Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7026: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team kext tools Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team libarchive Available for: macOS Sierra 10.12.5 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7047: Ian Beer of Google Project Zero Wi-Fi Available for: macOS Sierra 10.12.5 Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Additional recognition curl We would like to acknowledge Dave Murdock of Tangerine Element for their assistance. Installation note: macOS 10.12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGe3QP/2EYqCofq3zbIdr8qyzqkFea S7TLjRwnRulKBO4/Cj4Qfkc5wp8g4gd6qs0SjpfHIMw5XWwwGSxtljQ+zPhd8Zie AtwDPcjNpNKzcdgs1guEUwkv9gLgDbS6xbCUEnld00lURTAWxtMEP3Ue5chaJMn7 GpYQx8ZDZ15D8cjbtvIYHjmhTEutiqWB0EAcEvuM3ov54oC7qlu7vpXzevcLw9j6 YwZZJz2MSIlhpQh466qBr1Eay+EdTF69D0F18Jlpx9M+QejpHBLy08vk3UypXkqs Jjf/FmqrSuSZrPwU+WOYaps6AvZ+pDMnJIBuWDw1BaI5hrx3KA8eyGSlzedTM7DG r+myZHjIt4EOuSK6rOyZnmTLJM7/gWOm4CpPPbyDNd10nJm5oDWuZnqMlBcC4X/8 99ks/lXKbxtwTVL4AHDb0+rKJ2N9Try5togURREkAC5cI/97+zKzQ9Qobu4iC8MN Yo9dwDDP77vxANrGAUbEJSAWBR+tkLJw1jIJhIXeb/Hhayw4J02qo6RzO9bMotcx RhsNAr3ZN/REBBzinUR13o605W7I3ktRZlc1K8aVQqj4doRLCUAw0TJXs2/4pkKI hdueKoFsS66nbgoThU6VmAkyPfYubvJuDEaZ5wzS1CZOHZSr2Hy5//YfY9UhRcBu RN8FF9CraIvShvn0urgd =wnAu -----END PGP SIGNATURE-----
VAR-201707-1172 CVE-2017-7014 Apple macOS of Intel Graphics Driver Vulnerability in component execution of arbitrary code in privileged context CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7016: riusksk (ae3aY=) of Tencent Security Platform Department afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7033: riusksk (ae3aY=) of Tencent Security Platform Department AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team Audio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc. CVE-2017-7054: Lufeng Li of Qihoo 360 Vulcan Team, Alex Plaskett of MWR InfoSecurity Contacts Available for: macOS Sierra 10.12.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team curl Available for: macOS Sierra 10.12.5 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to version 7.54.0. CVE-2016-9586 CVE-2016-9594 CVE-2017-2629 CVE-2017-7468 Foundation Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7014: Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team IOUSBFamily Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7026: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team kext tools Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team libarchive Available for: macOS Sierra 10.12.5 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7047: Ian Beer of Google Project Zero Wi-Fi Available for: macOS Sierra 10.12.5 Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Additional recognition curl We would like to acknowledge Dave Murdock of Tangerine Element for their assistance. Installation note: macOS 10.12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGe3QP/2EYqCofq3zbIdr8qyzqkFea S7TLjRwnRulKBO4/Cj4Qfkc5wp8g4gd6qs0SjpfHIMw5XWwwGSxtljQ+zPhd8Zie AtwDPcjNpNKzcdgs1guEUwkv9gLgDbS6xbCUEnld00lURTAWxtMEP3Ue5chaJMn7 GpYQx8ZDZ15D8cjbtvIYHjmhTEutiqWB0EAcEvuM3ov54oC7qlu7vpXzevcLw9j6 YwZZJz2MSIlhpQh466qBr1Eay+EdTF69D0F18Jlpx9M+QejpHBLy08vk3UypXkqs Jjf/FmqrSuSZrPwU+WOYaps6AvZ+pDMnJIBuWDw1BaI5hrx3KA8eyGSlzedTM7DG r+myZHjIt4EOuSK6rOyZnmTLJM7/gWOm4CpPPbyDNd10nJm5oDWuZnqMlBcC4X/8 99ks/lXKbxtwTVL4AHDb0+rKJ2N9Try5togURREkAC5cI/97+zKzQ9Qobu4iC8MN Yo9dwDDP77vxANrGAUbEJSAWBR+tkLJw1jIJhIXeb/Hhayw4J02qo6RzO9bMotcx RhsNAr3ZN/REBBzinUR13o605W7I3ktRZlc1K8aVQqj4doRLCUAw0TJXs2/4pkKI hdueKoFsS66nbgoThU6VmAkyPfYubvJuDEaZ5wzS1CZOHZSr2Hy5//YfY9UhRcBu RN8FF9CraIvShvn0urgd =wnAu -----END PGP SIGNATURE-----
VAR-201707-1173 CVE-2017-7015 Apple macOS Vulnerability in a computer's audio component to retrieve important information from process memory CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Audio" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted audio file. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7016: riusksk (ae3aY=) of Tencent Security Platform Department afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7033: riusksk (ae3aY=) of Tencent Security Platform Department AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7015: riusksk (ae3aY=) of Tencent Security Platform Department Bluetooth Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc. CVE-2017-7051: Alex Plaskett of MWR InfoSecurity Bluetooth Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7054: Lufeng Li of Qihoo 360 Vulcan Team, Alex Plaskett of MWR InfoSecurity Contacts Available for: macOS Sierra 10.12.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team curl Available for: macOS Sierra 10.12.5 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to version 7.54.0. CVE-2016-9586 CVE-2016-9594 CVE-2017-2629 CVE-2017-7468 Foundation Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7031: HappilyCoded (ant4g0nist and r3dsm0k3) Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7014: Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team IOUSBFamily Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7026: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team kext tools Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team libarchive Available for: macOS Sierra 10.12.5 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: macOS Sierra 10.12.5 and OS X El Capitan v10.11.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero Wi-Fi Available for: macOS Sierra 10.12.5 Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Additional recognition curl We would like to acknowledge Dave Murdock of Tangerine Element for their assistance. Installation note: macOS 10.12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGe3QP/2EYqCofq3zbIdr8qyzqkFea S7TLjRwnRulKBO4/Cj4Qfkc5wp8g4gd6qs0SjpfHIMw5XWwwGSxtljQ+zPhd8Zie AtwDPcjNpNKzcdgs1guEUwkv9gLgDbS6xbCUEnld00lURTAWxtMEP3Ue5chaJMn7 GpYQx8ZDZ15D8cjbtvIYHjmhTEutiqWB0EAcEvuM3ov54oC7qlu7vpXzevcLw9j6 YwZZJz2MSIlhpQh466qBr1Eay+EdTF69D0F18Jlpx9M+QejpHBLy08vk3UypXkqs Jjf/FmqrSuSZrPwU+WOYaps6AvZ+pDMnJIBuWDw1BaI5hrx3KA8eyGSlzedTM7DG r+myZHjIt4EOuSK6rOyZnmTLJM7/gWOm4CpPPbyDNd10nJm5oDWuZnqMlBcC4X/8 99ks/lXKbxtwTVL4AHDb0+rKJ2N9Try5togURREkAC5cI/97+zKzQ9Qobu4iC8MN Yo9dwDDP77vxANrGAUbEJSAWBR+tkLJw1jIJhIXeb/Hhayw4J02qo6RzO9bMotcx RhsNAr3ZN/REBBzinUR13o605W7I3ktRZlc1K8aVQqj4doRLCUAw0TJXs2/4pkKI hdueKoFsS66nbgoThU6VmAkyPfYubvJuDEaZ5wzS1CZOHZSr2Hy5//YfY9UhRcBu RN8FF9CraIvShvn0urgd =wnAu -----END PGP SIGNATURE-----
VAR-201707-1167 CVE-2017-7067 Apple OS X Vulnerability in the kernel component that bypasses memory read restrictions CVSS V2: 4.3
CVSS V3: 5.5
Severity: MEDIUM
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Apple OS X Vulnerabilities exist in the kernel component that prevent memory read restrictions.An attacker could bypass the memory read limit through a crafted application. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers
VAR-201707-1161 CVE-2017-7059 plural Apple Used in products WebKit Vulnerable to cross-site scripting CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. Apple iOS , Safari and tvOS Used in etc. WebKit Is DOMParser A cross-site scripting vulnerability exists during processing by.A cross-site scripting attack may be performed. Apple iOS/TvOS/Safari are prone to multiple security vulnerabilities. Attackers can exploit these issues to gain sensitive information or bypass security mechanisms. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML. The following products and versions are affected: Apple iOS prior to 10.3.3; Safari prior to 10.1.2; tvOS prior to 10.2.2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGu+8QAJFXygjh/tXHHRgutWMJ8oVt HGnjco28J9CE15LWYGc40imbEd+QQyAa3zOLwLqIgJ3HUJ2GCrazFiffNa3VQ0BL wraZmXFO9JuC4w25sniApMqxjiGj8SWWelgZTkWJHIfKQi5D1EvB/6FLILIUVdUM v0qH1CtDzsMnO09hoAMDlW8AU5DdWqClb7mV6xENvHbpSvlvD8Z/eNmUxjcY2ANz s2vcplw9i/Ub3Hyx+U1BznPZrGr0X1H5XmIQZ7SL4OYPi6lF0ykzqjcVkIO05r7u y+a+2wVA+4f51n9zLXbg/vCmwiXTOdyQ4MoAaeZcv09e+fxgmjbKvjDt4275ufV5 67icnaMdQLlcXdQOnEsg/92NdcoXBDyVRwJiXyGldRWZhtmJRmEebiQtUshlN72q RtNjxYvXvMIBGxWKZDWP3+4DvGYF9n9TsJUboIS7WuG5GwmjiCj/j/HsNVvTIVhr TWUxuJeZFYUdPzq0yP7JmDZT4rWO4ckHZNW4UIKqhUKGNm6abTajQCifextqVWNx fIKL6H0LzmwmR5jXkFHAY2Ki/qePNNS7MYoVMGCdTnA2492MGhPvnaVsHOOPUK88 DNNonfAHH7WRJTW6JVl/Y3fxGo0vYZdI7lgnXKEbYrMrebtx65Qgfa2iHqey3q7N vbPy12ncIWblI58V+3Re =6kNI -----END PGP SIGNATURE-----
VAR-201707-1162 CVE-2017-7060 Apple iOS and Safari Denial of service in Japan (DoS) Vulnerability CVSS V2: 4.3
CVSS V3: 6.5
Severity: MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "Safari Printing" component. It allows remote attackers to cause a denial of service (excessive print dialogs) via a crafted web site. Apple iOS and Safari are prone to multiple security vulnerabilities. An attacker can exploit these issues to cause denial of service condition, perform unauthorized actions. Apple iOS is an operating system developed for mobile devices; Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGu+8QAJFXygjh/tXHHRgutWMJ8oVt HGnjco28J9CE15LWYGc40imbEd+QQyAa3zOLwLqIgJ3HUJ2GCrazFiffNa3VQ0BL wraZmXFO9JuC4w25sniApMqxjiGj8SWWelgZTkWJHIfKQi5D1EvB/6FLILIUVdUM v0qH1CtDzsMnO09hoAMDlW8AU5DdWqClb7mV6xENvHbpSvlvD8Z/eNmUxjcY2ANz s2vcplw9i/Ub3Hyx+U1BznPZrGr0X1H5XmIQZ7SL4OYPi6lF0ykzqjcVkIO05r7u y+a+2wVA+4f51n9zLXbg/vCmwiXTOdyQ4MoAaeZcv09e+fxgmjbKvjDt4275ufV5 67icnaMdQLlcXdQOnEsg/92NdcoXBDyVRwJiXyGldRWZhtmJRmEebiQtUshlN72q RtNjxYvXvMIBGxWKZDWP3+4DvGYF9n9TsJUboIS7WuG5GwmjiCj/j/HsNVvTIVhr TWUxuJeZFYUdPzq0yP7JmDZT4rWO4ckHZNW4UIKqhUKGNm6abTajQCifextqVWNx fIKL6H0LzmwmR5jXkFHAY2Ki/qePNNS7MYoVMGCdTnA2492MGhPvnaVsHOOPUK88 DNNonfAHH7WRJTW6JVl/Y3fxGo0vYZdI7lgnXKEbYrMrebtx65Qgfa2iHqey3q7N vbPy12ncIWblI58V+3Re =6kNI -----END PGP SIGNATURE-----
VAR-201707-1157 CVE-2017-7054 Apple macOS of Bluetooth Component vulnerable to arbitrary code execution in privileged context CVSS V2: 7.9
CVSS V3: 8.0
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. A memory corruption vulnerability exists in the Bluetooth component of Apple macOS Sierra prior to 10.12.6
VAR-201707-1153 CVE-2017-7050 Apple macOS of Bluetooth Component vulnerable to arbitrary code execution in privileged context CVSS V2: 7.9
CVSS V3: 8.0
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. A memory corruption vulnerability exists in the Bluetooth component of Apple macOS Sierra prior to 10.12.6
VAR-201707-1154 CVE-2017-7051 Apple macOS of Bluetooth Component vulnerable to arbitrary code execution in privileged context CVSS V2: 7.9
CVSS V3: 8.0
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. A memory corruption vulnerability exists in the Bluetooth component of Apple macOS Sierra prior to 10.12.6
VAR-201707-1163 CVE-2017-7061 plural Apple Used in products WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-6 iTunes 12.6.2 iTunes 12.6.2 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: An access issue was addressed with additional restrictions. CVE-2017-7053: an anonymous researcher working with Trend Micro's Zero Day Initiative libxml2 Available for: Windows 7 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. =========================================================================== Ubuntu Security Notice USN-3376-1 August 02, 2017 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3376-1 CVE-2017-2538, CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.17.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.16.04.1 --mEItETklS4NmgqhBw701JL9Mli0Gg3IPs-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGu+8QAJFXygjh/tXHHRgutWMJ8oVt HGnjco28J9CE15LWYGc40imbEd+QQyAa3zOLwLqIgJ3HUJ2GCrazFiffNa3VQ0BL wraZmXFO9JuC4w25sniApMqxjiGj8SWWelgZTkWJHIfKQi5D1EvB/6FLILIUVdUM v0qH1CtDzsMnO09hoAMDlW8AU5DdWqClb7mV6xENvHbpSvlvD8Z/eNmUxjcY2ANz s2vcplw9i/Ub3Hyx+U1BznPZrGr0X1H5XmIQZ7SL4OYPi6lF0ykzqjcVkIO05r7u y+a+2wVA+4f51n9zLXbg/vCmwiXTOdyQ4MoAaeZcv09e+fxgmjbKvjDt4275ufV5 67icnaMdQLlcXdQOnEsg/92NdcoXBDyVRwJiXyGldRWZhtmJRmEebiQtUshlN72q RtNjxYvXvMIBGxWKZDWP3+4DvGYF9n9TsJUboIS7WuG5GwmjiCj/j/HsNVvTIVhr TWUxuJeZFYUdPzq0yP7JmDZT4rWO4ckHZNW4UIKqhUKGNm6abTajQCifextqVWNx fIKL6H0LzmwmR5jXkFHAY2Ki/qePNNS7MYoVMGCdTnA2492MGhPvnaVsHOOPUK88 DNNonfAHH7WRJTW6JVl/Y3fxGo0vYZdI7lgnXKEbYrMrebtx65Qgfa2iHqey3q7N vbPy12ncIWblI58V+3Re =6kNI -----END PGP SIGNATURE-----
VAR-201707-1148 CVE-2017-7045 Apple macOS of Intel Graphics Driver Vulnerability that bypasses memory read restrictions in components CVSS V2: 4.3
CVSS V3: 5.5
Severity: MEDIUM
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Apple macOS of Intel Graphics Driver A component contains a vulnerability that bypasses memory read restrictions.An attacker could bypass the memory read limit through a crafted application. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7016: riusksk (ae3aY=) of Tencent Security Platform Department afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7033: riusksk (ae3aY=) of Tencent Security Platform Department AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team Audio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7015: riusksk (ae3aY=) of Tencent Security Platform Department Bluetooth Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc. CVE-2017-7051: Alex Plaskett of MWR InfoSecurity Bluetooth Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7054: Lufeng Li of Qihoo 360 Vulcan Team, Alex Plaskett of MWR InfoSecurity Contacts Available for: macOS Sierra 10.12.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team curl Available for: macOS Sierra 10.12.5 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to version 7.54.0. CVE-2016-9586 CVE-2016-9594 CVE-2017-2629 CVE-2017-7468 Foundation Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7014: Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team IOUSBFamily Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7026: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team kext tools Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team libarchive Available for: macOS Sierra 10.12.5 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: macOS Sierra 10.12.5 and OS X El Capitan v10.11.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero Wi-Fi Available for: macOS Sierra 10.12.5 Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Additional recognition curl We would like to acknowledge Dave Murdock of Tangerine Element for their assistance. Installation note: macOS 10.12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGe3QP/2EYqCofq3zbIdr8qyzqkFea S7TLjRwnRulKBO4/Cj4Qfkc5wp8g4gd6qs0SjpfHIMw5XWwwGSxtljQ+zPhd8Zie AtwDPcjNpNKzcdgs1guEUwkv9gLgDbS6xbCUEnld00lURTAWxtMEP3Ue5chaJMn7 GpYQx8ZDZ15D8cjbtvIYHjmhTEutiqWB0EAcEvuM3ov54oC7qlu7vpXzevcLw9j6 YwZZJz2MSIlhpQh466qBr1Eay+EdTF69D0F18Jlpx9M+QejpHBLy08vk3UypXkqs Jjf/FmqrSuSZrPwU+WOYaps6AvZ+pDMnJIBuWDw1BaI5hrx3KA8eyGSlzedTM7DG r+myZHjIt4EOuSK6rOyZnmTLJM7/gWOm4CpPPbyDNd10nJm5oDWuZnqMlBcC4X/8 99ks/lXKbxtwTVL4AHDb0+rKJ2N9Try5togURREkAC5cI/97+zKzQ9Qobu4iC8MN Yo9dwDDP77vxANrGAUbEJSAWBR+tkLJw1jIJhIXeb/Hhayw4J02qo6RzO9bMotcx RhsNAr3ZN/REBBzinUR13o605W7I3ktRZlc1K8aVQqj4doRLCUAw0TJXs2/4pkKI hdueKoFsS66nbgoThU6VmAkyPfYubvJuDEaZ5wzS1CZOHZSr2Hy5//YfY9UhRcBu RN8FF9CraIvShvn0urgd =wnAu -----END PGP SIGNATURE-----
VAR-201707-1159 CVE-2017-7056 plural Apple Used in products WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-6 iTunes 12.6.2 iTunes 12.6.2 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: An access issue was addressed with additional restrictions. CVE-2017-7053: an anonymous researcher working with Trend Micro's Zero Day Initiative libxml2 Available for: Windows 7 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. =========================================================================== Ubuntu Security Notice USN-3376-1 August 02, 2017 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3376-1 CVE-2017-2538, CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.17.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.16.04.1 --mEItETklS4NmgqhBw701JL9Mli0Gg3IPs-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGu+8QAJFXygjh/tXHHRgutWMJ8oVt HGnjco28J9CE15LWYGc40imbEd+QQyAa3zOLwLqIgJ3HUJ2GCrazFiffNa3VQ0BL wraZmXFO9JuC4w25sniApMqxjiGj8SWWelgZTkWJHIfKQi5D1EvB/6FLILIUVdUM v0qH1CtDzsMnO09hoAMDlW8AU5DdWqClb7mV6xENvHbpSvlvD8Z/eNmUxjcY2ANz s2vcplw9i/Ub3Hyx+U1BznPZrGr0X1H5XmIQZ7SL4OYPi6lF0ykzqjcVkIO05r7u y+a+2wVA+4f51n9zLXbg/vCmwiXTOdyQ4MoAaeZcv09e+fxgmjbKvjDt4275ufV5 67icnaMdQLlcXdQOnEsg/92NdcoXBDyVRwJiXyGldRWZhtmJRmEebiQtUshlN72q RtNjxYvXvMIBGxWKZDWP3+4DvGYF9n9TsJUboIS7WuG5GwmjiCj/j/HsNVvTIVhr TWUxuJeZFYUdPzq0yP7JmDZT4rWO4ckHZNW4UIKqhUKGNm6abTajQCifextqVWNx fIKL6H0LzmwmR5jXkFHAY2Ki/qePNNS7MYoVMGCdTnA2492MGhPvnaVsHOOPUK88 DNNonfAHH7WRJTW6JVl/Y3fxGo0vYZdI7lgnXKEbYrMrebtx65Qgfa2iHqey3q7N vbPy12ncIWblI58V+3Re =6kNI -----END PGP SIGNATURE-----
VAR-201707-1152 CVE-2017-7049 plural Apple Used in products WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-6 iTunes 12.6.2 iTunes 12.6.2 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: An access issue was addressed with additional restrictions. CVE-2017-7053: an anonymous researcher working with Trend Micro's Zero Day Initiative libxml2 Available for: Windows 7 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGu+8QAJFXygjh/tXHHRgutWMJ8oVt HGnjco28J9CE15LWYGc40imbEd+QQyAa3zOLwLqIgJ3HUJ2GCrazFiffNa3VQ0BL wraZmXFO9JuC4w25sniApMqxjiGj8SWWelgZTkWJHIfKQi5D1EvB/6FLILIUVdUM v0qH1CtDzsMnO09hoAMDlW8AU5DdWqClb7mV6xENvHbpSvlvD8Z/eNmUxjcY2ANz s2vcplw9i/Ub3Hyx+U1BznPZrGr0X1H5XmIQZ7SL4OYPi6lF0ykzqjcVkIO05r7u y+a+2wVA+4f51n9zLXbg/vCmwiXTOdyQ4MoAaeZcv09e+fxgmjbKvjDt4275ufV5 67icnaMdQLlcXdQOnEsg/92NdcoXBDyVRwJiXyGldRWZhtmJRmEebiQtUshlN72q RtNjxYvXvMIBGxWKZDWP3+4DvGYF9n9TsJUboIS7WuG5GwmjiCj/j/HsNVvTIVhr TWUxuJeZFYUdPzq0yP7JmDZT4rWO4ckHZNW4UIKqhUKGNm6abTajQCifextqVWNx fIKL6H0LzmwmR5jXkFHAY2Ki/qePNNS7MYoVMGCdTnA2492MGhPvnaVsHOOPUK88 DNNonfAHH7WRJTW6JVl/Y3fxGo0vYZdI7lgnXKEbYrMrebtx65Qgfa2iHqey3q7N vbPy12ncIWblI58V+3Re =6kNI -----END PGP SIGNATURE-----
VAR-201707-1158 CVE-2017-7055 plural Apple Used in products WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A memory corruption vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple Safari prior to 10.1.2; tvOS prior to 10.2.2; iOS prior to 10.3.3; Windows-based iCloud prior to 6.2.2; Windows-based iTunes 12.6 Versions prior to .2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-6 iTunes 12.6.2 iTunes 12.6.2 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: An access issue was addressed with additional restrictions. CVE-2017-7053: an anonymous researcher working with Trend Micro's Zero Day Initiative libxml2 Available for: Windows 7 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. =========================================================================== Ubuntu Security Notice USN-3376-1 August 02, 2017 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3376-1 CVE-2017-2538, CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.17.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.16.04.1 --mEItETklS4NmgqhBw701JL9Mli0Gg3IPs-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGu+8QAJFXygjh/tXHHRgutWMJ8oVt HGnjco28J9CE15LWYGc40imbEd+QQyAa3zOLwLqIgJ3HUJ2GCrazFiffNa3VQ0BL wraZmXFO9JuC4w25sniApMqxjiGj8SWWelgZTkWJHIfKQi5D1EvB/6FLILIUVdUM v0qH1CtDzsMnO09hoAMDlW8AU5DdWqClb7mV6xENvHbpSvlvD8Z/eNmUxjcY2ANz s2vcplw9i/Ub3Hyx+U1BznPZrGr0X1H5XmIQZ7SL4OYPi6lF0ykzqjcVkIO05r7u y+a+2wVA+4f51n9zLXbg/vCmwiXTOdyQ4MoAaeZcv09e+fxgmjbKvjDt4275ufV5 67icnaMdQLlcXdQOnEsg/92NdcoXBDyVRwJiXyGldRWZhtmJRmEebiQtUshlN72q RtNjxYvXvMIBGxWKZDWP3+4DvGYF9n9TsJUboIS7WuG5GwmjiCj/j/HsNVvTIVhr TWUxuJeZFYUdPzq0yP7JmDZT4rWO4ckHZNW4UIKqhUKGNm6abTajQCifextqVWNx fIKL6H0LzmwmR5jXkFHAY2Ki/qePNNS7MYoVMGCdTnA2492MGhPvnaVsHOOPUK88 DNNonfAHH7WRJTW6JVl/Y3fxGo0vYZdI7lgnXKEbYrMrebtx65Qgfa2iHqey3q7N vbPy12ncIWblI58V+3Re =6kNI -----END PGP SIGNATURE-----
VAR-201707-1147 CVE-2017-7044 Apple macOS of Intel Graphics Driver Component vulnerable to arbitrary code execution in privileged context CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7016: riusksk (ae3aY=) of Tencent Security Platform Department afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7033: riusksk (ae3aY=) of Tencent Security Platform Department AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team Audio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc. CVE-2017-7054: Lufeng Li of Qihoo 360 Vulcan Team, Alex Plaskett of MWR InfoSecurity Contacts Available for: macOS Sierra 10.12.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team curl Available for: macOS Sierra 10.12.5 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to version 7.54.0. CVE-2016-9586 CVE-2016-9594 CVE-2017-2629 CVE-2017-7468 Foundation Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7014: Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team IOUSBFamily Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7026: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team kext tools Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team libarchive Available for: macOS Sierra 10.12.5 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7047: Ian Beer of Google Project Zero Wi-Fi Available for: macOS Sierra 10.12.5 Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Additional recognition curl We would like to acknowledge Dave Murdock of Tangerine Element for their assistance. Installation note: macOS 10.12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGe3QP/2EYqCofq3zbIdr8qyzqkFea S7TLjRwnRulKBO4/Cj4Qfkc5wp8g4gd6qs0SjpfHIMw5XWwwGSxtljQ+zPhd8Zie AtwDPcjNpNKzcdgs1guEUwkv9gLgDbS6xbCUEnld00lURTAWxtMEP3Ue5chaJMn7 GpYQx8ZDZ15D8cjbtvIYHjmhTEutiqWB0EAcEvuM3ov54oC7qlu7vpXzevcLw9j6 YwZZJz2MSIlhpQh466qBr1Eay+EdTF69D0F18Jlpx9M+QejpHBLy08vk3UypXkqs Jjf/FmqrSuSZrPwU+WOYaps6AvZ+pDMnJIBuWDw1BaI5hrx3KA8eyGSlzedTM7DG r+myZHjIt4EOuSK6rOyZnmTLJM7/gWOm4CpPPbyDNd10nJm5oDWuZnqMlBcC4X/8 99ks/lXKbxtwTVL4AHDb0+rKJ2N9Try5togURREkAC5cI/97+zKzQ9Qobu4iC8MN Yo9dwDDP77vxANrGAUbEJSAWBR+tkLJw1jIJhIXeb/Hhayw4J02qo6RzO9bMotcx RhsNAr3ZN/REBBzinUR13o605W7I3ktRZlc1K8aVQqj4doRLCUAw0TJXs2/4pkKI hdueKoFsS66nbgoThU6VmAkyPfYubvJuDEaZ5wzS1CZOHZSr2Hy5//YfY9UhRcBu RN8FF9CraIvShvn0urgd =wnAu -----END PGP SIGNATURE-----
VAR-201707-1177 CVE-2017-7019 plural Apple Used in products WebKit Arbitrary code execution vulnerability in page loading component CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit Page Loading" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple Safari, a web browser, is the default browser included with the Mac OS X and iOS operating systems; tvOS is an operating system for smart TVs; and iOS is an operating system developed for mobile devices. The following products and versions are affected: Apple Safari prior to 10.1.2; tvOS prior to 10.2.2; iOS prior to 10.3.3; Windows-based iCloud prior to 6.2.2; Windows-based iTunes 12.6 Versions prior to .2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-1 iOS 10.3.3 iOS 10.3.3 is now available and addresses the following: Contacts Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team EventKitUI Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A resource exhaustion issue was addressed through improved input validation. CVE-2017-7007: JosA(c) Antonio Esteban (@Erratum_) of Sapsi Consultores IOUSBFamily Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher CVE-2017-7026: an anonymous researcher Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher libarchive Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero Messages Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-7063: Shashank (@cyberboyIndia) Notifications Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Notifications may appear on the lock screen when disabled Description: A lock screen issue was addressed with improved state management. CVE-2017-7058: Beyza SevinASS of SA1/4leyman Demirel Aniversitesi Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-2517: xisigr of Tencent's Xuanwu Lab (tencent.com) Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana Telephony Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-8248 WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security, Neil Jenkins of FastMail Pty Ltd CVE-2017-7059: an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Wi-Fi Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.3.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGpo4QAJ2hfs2yF+Iia3g7giHDBfd2 j8FJ8HvENOOaKGn1RkF6AR7l5QJI25LvnO0pjQh7pzUUCDLXg3e/eb0DNiVtVg5J shJOVSRGR7tq3V+OUZ1QNwsG6YRjxE+vseThHalVy1loox072N6qilEHvGY4RWIr yFPLCvSDKERldls2cVsaOiNo9VTPCj1tJyLHbqShFDzuR4jYgIgnS6kb8nvgbjIo Cnl+VwDClj7aMBG2Hq4QkEq6zUW261fU8DN4VM/qtISV2H4VkrOxrTwDQCKihQ+l qa+ylvg+PTQ2dvjgBxxm+znmiB6gpa2kPJcU9VgujjEUAoaZgE2Hopay65JPw9G0 nrtBvyMPtv+StxgD/UCm2J5PiIZfMrzHxt+GlauUwrGXdRJYJ6FsJla55wVygxd4 WsrUj03qS/jc6B2wkF1smOsHPgUUVlK05PvuK6bTmDwRPH9/ybIIIlUFx5mXj4jS wSiVHe0DRaJkWxcLx6p2HJaY2OnUJAFGfOfLBcTkxCoPkt/Wdain8k2eAtrIGCs1 AFCOqXxOo30aaUD9qUkX42fr6bE1N8gfMN36f8VGyv5e4gz5snljQ8arAD1+eFyh vE+N3JdR/rfM4KnCTAmOQcyEIZXB48rEwWOVnHVqYf6qyyw2W5+pseKEkU5+4R/a GcaYRxNitIzBC6tAXWPF =LiU+ -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple Vulnerabilities Date: October 13, 2017 Bugs: #626142 ID: 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which may allow remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, offers Webkitas full functionality and is used on a wide range of systems. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.6:4 >= 2.16.6:4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the references below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.6" Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages. References ========== [ 1 ] CVE-2017-7006 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7006 [ 2 ] CVE-2017-7011 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7011 [ 3 ] CVE-2017-7012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7012 [ 4 ] CVE-2017-7018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7018 [ 5 ] CVE-2017-7019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7019 [ 6 ] CVE-2017-7020 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7020 [ 7 ] CVE-2017-7030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7030 [ 8 ] CVE-2017-7034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7034 [ 9 ] CVE-2017-7037 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7037 [ 10 ] CVE-2017-7038 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7038 [ 11 ] CVE-2017-7039 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7039 [ 12 ] CVE-2017-7040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7040 [ 13 ] CVE-2017-7041 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7041 [ 14 ] CVE-2017-7042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7042 [ 15 ] CVE-2017-7043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7043 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201710-14 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store
VAR-201707-1176 CVE-2017-7018 plural Apple Used in products WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A memory corruption vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple Safari prior to 10.1.2; tvOS prior to 10.2.2; iOS prior to 10.3.3; Windows-based iCloud prior to 6.2.2; Windows-based iTunes 12.6 Versions prior to .2. =========================================================================== Ubuntu Security Notice USN-3376-1 August 02, 2017 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-1 iOS 10.3.3 iOS 10.3.3 is now available and addresses the following: Contacts Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team EventKitUI Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A resource exhaustion issue was addressed through improved input validation. CVE-2017-7007: JosA(c) Antonio Esteban (@Erratum_) of Sapsi Consultores IOUSBFamily Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher CVE-2017-7026: an anonymous researcher Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher libarchive Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero Messages Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-7063: Shashank (@cyberboyIndia) Notifications Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Notifications may appear on the lock screen when disabled Description: A lock screen issue was addressed with improved state management. CVE-2017-7058: Beyza SevinASS of SA1/4leyman Demirel Aniversitesi Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-2517: xisigr of Tencent's Xuanwu Lab (tencent.com) Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana Telephony Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-8248 WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security, Neil Jenkins of FastMail Pty Ltd CVE-2017-7059: an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Wi-Fi Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.3.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGpo4QAJ2hfs2yF+Iia3g7giHDBfd2 j8FJ8HvENOOaKGn1RkF6AR7l5QJI25LvnO0pjQh7pzUUCDLXg3e/eb0DNiVtVg5J shJOVSRGR7tq3V+OUZ1QNwsG6YRjxE+vseThHalVy1loox072N6qilEHvGY4RWIr yFPLCvSDKERldls2cVsaOiNo9VTPCj1tJyLHbqShFDzuR4jYgIgnS6kb8nvgbjIo Cnl+VwDClj7aMBG2Hq4QkEq6zUW261fU8DN4VM/qtISV2H4VkrOxrTwDQCKihQ+l qa+ylvg+PTQ2dvjgBxxm+znmiB6gpa2kPJcU9VgujjEUAoaZgE2Hopay65JPw9G0 nrtBvyMPtv+StxgD/UCm2J5PiIZfMrzHxt+GlauUwrGXdRJYJ6FsJla55wVygxd4 WsrUj03qS/jc6B2wkF1smOsHPgUUVlK05PvuK6bTmDwRPH9/ybIIIlUFx5mXj4jS wSiVHe0DRaJkWxcLx6p2HJaY2OnUJAFGfOfLBcTkxCoPkt/Wdain8k2eAtrIGCs1 AFCOqXxOo30aaUD9qUkX42fr6bE1N8gfMN36f8VGyv5e4gz5snljQ8arAD1+eFyh vE+N3JdR/rfM4KnCTAmOQcyEIZXB48rEwWOVnHVqYf6qyyw2W5+pseKEkU5+4R/a GcaYRxNitIzBC6tAXWPF =LiU+ -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple Vulnerabilities Date: October 13, 2017 Bugs: #626142 ID: 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which may allow remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, offers Webkitas full functionality and is used on a wide range of systems. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.6:4 >= 2.16.6:4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the references below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.6" Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages. References ========== [ 1 ] CVE-2017-7006 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7006 [ 2 ] CVE-2017-7011 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7011 [ 3 ] CVE-2017-7012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7012 [ 4 ] CVE-2017-7018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7018 [ 5 ] CVE-2017-7019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7019 [ 6 ] CVE-2017-7020 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7020 [ 7 ] CVE-2017-7030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7030 [ 8 ] CVE-2017-7034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7034 [ 9 ] CVE-2017-7037 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7037 [ 10 ] CVE-2017-7038 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7038 [ 11 ] CVE-2017-7039 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7039 [ 12 ] CVE-2017-7040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7040 [ 13 ] CVE-2017-7041 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7041 [ 14 ] CVE-2017-7042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7042 [ 15 ] CVE-2017-7043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7043 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201710-14 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store
VAR-201707-1151 CVE-2017-7048 plural Apple Used in products WebKit Vulnerable to arbitrary code execution CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. =========================================================================== Ubuntu Security Notice USN-3376-1 August 02, 2017 webkit2gtk vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3376-1 CVE-2017-2538, CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.17.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.6-0ubuntu0.16.04.1 --mEItETklS4NmgqhBw701JL9Mli0Gg3IPs-- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-4 tvOS 10.2.2 tvOS 10.2.2 is now available and addresses the following: Contacts Available for: Apple TV (4th generation) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team IOUSBFamily Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher CVE-2017-7026: an anonymous researcher Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher libarchive Available for: Apple TV (4th generation) Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: Apple TV (4th generation) Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security CVE-2017-7059: an anonymous researcher WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department Wi-Fi Available for: Apple TV (4th generation) Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRG94QP/Avj0tRTG+Ld6urUIeOKNNLt 98QOLh6sjPwu3wWKG3D/gIZFvR1jxEkPbwm7XRieaWpLlBQPSBTf5yvTcAcCot9z dANfWoigyII12dX5QXTh0wbTcf1mpcVgLWwEwljnSlEDxvRVUtSV08La/wJSbNqb H0B88xo6cBfm1icR/JYVB1P75oNAS0YNWmV2klJ0eJEnlU1zhWSOEc5Zb5PKjpud 65BGwEZF7fowT1vnbGA58ZSmo/vYWt2VpG1w5aicQP97C3YvgkXo9m2ia7UXMj9h +/qlRGjl8hH0ltQTGvJBEdiyPl7hbbvldL8+LFVpigD+YPT8xD3rTaqe9FuxGcrA 3UVgKbwvtfgJ/F87X1zBV8c/YmGuRXaAsbu+7Pkeb3Cn+cBJ1G0wt12MFbxm+8ZU tylpn/nqAcB6PhmEmIcSj6OkTJTi8daiep/4/Dq1S/cWfXKzXFnjyM8lpqTM0Osl 7uPgnQ0TuNF03pp+Ix6+B42MCVbUssxF60sWCujUkwbdp9I99KxR5TvrLtXUN5xX eQMZSlVRE6FoozNv8SdZwpMYhaWArloMfUrW5xQN8UCOlbtG83sBng1J2P9xTL6q OROFoSN8g33RcIrMdmH21P+R+J85DEj/1xWH/UHvAZZcj21IzKDbk4oagc5GB+Kv 2abirE4zVCVena/2l/KV =M8lR -----END PGP SIGNATURE-----
VAR-201707-1144 CVE-2017-7011 Apple iOS and Safari Used in etc. WebKit Vulnerable to address bar spoofing CVSS V2: 4.3
CVSS V3: 6.5
Severity: MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site that uses FRAME elements. Apple iOS and Safari Used in etc. An attacker can exploit these issues to cause denial of service condition, perform unauthorized actions. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-1 iOS 10.3.3 iOS 10.3.3 is now available and addresses the following: Contacts Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team EventKitUI Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A resource exhaustion issue was addressed through improved input validation. CVE-2017-7007: JosA(c) Antonio Esteban (@Erratum_) of Sapsi Consultores IOUSBFamily Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher CVE-2017-7026: an anonymous researcher Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7023: an anonymous researcher CVE-2017-7025: an anonymous researcher CVE-2017-7027: an anonymous researcher CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher libarchive Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz libxpc Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7047: Ian Beer of Google Project Zero Messages Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may cause an unexpected application termination Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-7063: Shashank (@cyberboyIndia) Notifications Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Notifications may appear on the lock screen when disabled Description: A lock screen issue was addressed with improved state management. CVE-2017-7058: Beyza SevinASS of SA1/4leyman Demirel Aniversitesi Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-2517: xisigr of Tencent's Xuanwu Lab (tencent.com) Safari Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs. CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana Telephony Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-8248 WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered. CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: A state management issue was addressed with improved frame handling. CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content with DOMParser may lead to cross site scripting Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management. CVE-2017-7038: Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security, Neil Jenkins of FastMail Pty Ltd CVE-2017-7059: an anonymous researcher WebKit Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Wi-Fi Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "10.3.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGpo4QAJ2hfs2yF+Iia3g7giHDBfd2 j8FJ8HvENOOaKGn1RkF6AR7l5QJI25LvnO0pjQh7pzUUCDLXg3e/eb0DNiVtVg5J shJOVSRGR7tq3V+OUZ1QNwsG6YRjxE+vseThHalVy1loox072N6qilEHvGY4RWIr yFPLCvSDKERldls2cVsaOiNo9VTPCj1tJyLHbqShFDzuR4jYgIgnS6kb8nvgbjIo Cnl+VwDClj7aMBG2Hq4QkEq6zUW261fU8DN4VM/qtISV2H4VkrOxrTwDQCKihQ+l qa+ylvg+PTQ2dvjgBxxm+znmiB6gpa2kPJcU9VgujjEUAoaZgE2Hopay65JPw9G0 nrtBvyMPtv+StxgD/UCm2J5PiIZfMrzHxt+GlauUwrGXdRJYJ6FsJla55wVygxd4 WsrUj03qS/jc6B2wkF1smOsHPgUUVlK05PvuK6bTmDwRPH9/ybIIIlUFx5mXj4jS wSiVHe0DRaJkWxcLx6p2HJaY2OnUJAFGfOfLBcTkxCoPkt/Wdain8k2eAtrIGCs1 AFCOqXxOo30aaUD9qUkX42fr6bE1N8gfMN36f8VGyv5e4gz5snljQ8arAD1+eFyh vE+N3JdR/rfM4KnCTAmOQcyEIZXB48rEwWOVnHVqYf6qyyw2W5+pseKEkU5+4R/a GcaYRxNitIzBC6tAXWPF =LiU+ -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebKitGTK+: Multiple Vulnerabilities Date: October 13, 2017 Bugs: #626142 ID: 201710-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which may allow remote attackers to execute arbitrary code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, offers Webkitas full functionality and is used on a wide range of systems. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.16.6:4 >= 2.16.6:4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the references below for details. Impact ====== A remote attacker could execute arbitrary code, cause a Denial of Service condition, bypass intended memory-read restrictions, conduct a timing side-channel attack to bypass the Same Origin Policy, obtain sensitive information, or spoof the address bar. Workaround ========== There is no known workaround at this time. Resolution ========== All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.6" Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages. References ========== [ 1 ] CVE-2017-7006 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7006 [ 2 ] CVE-2017-7011 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7011 [ 3 ] CVE-2017-7012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7012 [ 4 ] CVE-2017-7018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7018 [ 5 ] CVE-2017-7019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7019 [ 6 ] CVE-2017-7020 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7020 [ 7 ] CVE-2017-7030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7030 [ 8 ] CVE-2017-7034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7034 [ 9 ] CVE-2017-7037 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7037 [ 10 ] CVE-2017-7038 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7038 [ 11 ] CVE-2017-7039 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7039 [ 12 ] CVE-2017-7040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7040 [ 13 ] CVE-2017-7041 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7041 [ 14 ] CVE-2017-7042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7042 [ 15 ] CVE-2017-7043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7043 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201710-14 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . CVE-2017-7012: Apple Installation note: Safari 10.1.2 may be obtained from the Mac App Store