VARIoT IoT vulnerabilities database
| VAR-201704-0829 | CVE-2017-2455 | plural Apple Used in products WebKit Vulnerable to arbitrary code execution |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities.
Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
===========================================================================
Ubuntu Security Notice USN-3257-1
April 10, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.10.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3257-1
CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392,
CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405,
CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442,
CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454,
CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460,
CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468,
CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: June 07, 2017
Bugs: #543650, #573656, #577068, #608958, #614876, #619788
ID: 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which allows remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
==========
[ 1 ] CVE-2015-2330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330
[ 2 ] CVE-2015-7096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096
[ 3 ] CVE-2015-7098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098
[ 4 ] CVE-2016-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723
[ 5 ] CVE-2016-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724
[ 6 ] CVE-2016-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725
[ 7 ] CVE-2016-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726
[ 8 ] CVE-2016-1727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727
[ 9 ] CVE-2016-1728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728
[ 10 ] CVE-2016-4692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692
[ 11 ] CVE-2016-4743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743
[ 12 ] CVE-2016-7586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586
[ 13 ] CVE-2016-7587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587
[ 14 ] CVE-2016-7589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589
[ 15 ] CVE-2016-7592
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592
[ 16 ] CVE-2016-7598
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598
[ 17 ] CVE-2016-7599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599
[ 18 ] CVE-2016-7610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610
[ 19 ] CVE-2016-7611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611
[ 20 ] CVE-2016-7623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623
[ 21 ] CVE-2016-7632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632
[ 22 ] CVE-2016-7635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635
[ 23 ] CVE-2016-7639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639
[ 24 ] CVE-2016-7640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640
[ 25 ] CVE-2016-7641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641
[ 26 ] CVE-2016-7642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642
[ 27 ] CVE-2016-7645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645
[ 28 ] CVE-2016-7646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646
[ 29 ] CVE-2016-7648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648
[ 30 ] CVE-2016-7649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649
[ 31 ] CVE-2016-7652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652
[ 32 ] CVE-2016-7654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654
[ 33 ] CVE-2016-7656
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656
[ 34 ] CVE-2016-9642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642
[ 35 ] CVE-2016-9643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643
[ 36 ] CVE-2017-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350
[ 37 ] CVE-2017-2354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354
[ 38 ] CVE-2017-2355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355
[ 39 ] CVE-2017-2356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356
[ 40 ] CVE-2017-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362
[ 41 ] CVE-2017-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363
[ 42 ] CVE-2017-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364
[ 43 ] CVE-2017-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365
[ 44 ] CVE-2017-2366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366
[ 45 ] CVE-2017-2367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367
[ 46 ] CVE-2017-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369
[ 47 ] CVE-2017-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371
[ 48 ] CVE-2017-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373
[ 49 ] CVE-2017-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376
[ 50 ] CVE-2017-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377
[ 51 ] CVE-2017-2386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386
[ 52 ] CVE-2017-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392
[ 53 ] CVE-2017-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394
[ 54 ] CVE-2017-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395
[ 55 ] CVE-2017-2396
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396
[ 56 ] CVE-2017-2405
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405
[ 57 ] CVE-2017-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415
[ 58 ] CVE-2017-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419
[ 59 ] CVE-2017-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433
[ 60 ] CVE-2017-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442
[ 61 ] CVE-2017-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445
[ 62 ] CVE-2017-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446
[ 63 ] CVE-2017-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447
[ 64 ] CVE-2017-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454
[ 65 ] CVE-2017-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455
[ 66 ] CVE-2017-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457
[ 67 ] CVE-2017-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459
[ 68 ] CVE-2017-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460
[ 69 ] CVE-2017-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464
[ 70 ] CVE-2017-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465
[ 71 ] CVE-2017-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466
[ 72 ] CVE-2017-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468
[ 73 ] CVE-2017-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469
[ 74 ] CVE-2017-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470
[ 75 ] CVE-2017-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471
[ 76 ] CVE-2017-2475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475
[ 77 ] CVE-2017-2476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476
[ 78 ] CVE-2017-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481
[ 79 ] CVE-2017-2496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496
[ 80 ] CVE-2017-2504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504
[ 81 ] CVE-2017-2505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505
[ 82 ] CVE-2017-2506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506
[ 83 ] CVE-2017-2508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508
[ 84 ] CVE-2017-2510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510
[ 85 ] CVE-2017-2514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514
[ 86 ] CVE-2017-2515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515
[ 87 ] CVE-2017-2521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521
[ 88 ] CVE-2017-2525
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525
[ 89 ] CVE-2017-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526
[ 90 ] CVE-2017-2528
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528
[ 91 ] CVE-2017-2530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530
[ 92 ] CVE-2017-2531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531
[ 93 ] CVE-2017-2536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536
[ 94 ] CVE-2017-2539
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539
[ 95 ] CVE-2017-2544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544
[ 96 ] CVE-2017-2547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547
[ 97 ] CVE-2017-2549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549
[ 98 ] CVE-2017-6980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980
[ 99 ] CVE-2017-6984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-2 Safari 10.1
Safari 10.1 is now available and addresses the following:
CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2017-2376: Chris Hlady of Google Inc, Muneaki Nishimura
(nishimunea) of Recruit Technologies Co., Ltd., Yuyang Zhou of
Tencent Security Platform Department (security.tencent.com), Michal
Zalewski of Google Inc, an anonymous researcher, an anonymous
researcher
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may present
authentication sheets over arbitrary web sites
Description: A spoofing issue existed in the handling of HTTP
authentication. This issue was addressed through making HTTP
authentication sheets non-modal.
CVE-2017-2389: ShenYeYinJiu of Tencent Security Response Center, TSRC
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: A spoofing issue existed in the handling of FaceTime
prompts. This issue was addressed through improved input validation.
CVE-2017-2453: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A local user may be able to access locked keychain items
Description: A keychain handling issue was addressed through improved
keychain item management.
CVE-2017-2385: Simon Woodside of MedStack
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Dragging and dropping a maliciously crafted link may lead to
bookmark spoofing or arbitrary code execution
Description: A validation issue existed in bookmark creation. This
issue was addressed through improved input validation.
CVE-2017-2378: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Natalie Silvanovich of Google Project Zero, Jeonghoon
Shin
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy
Description: An access issue existed in Content Security Policy. This
issue was addressed through improved access restrictions.
CVE-2017-2419: Nicolai Grødum of Cisco Systems
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An information disclosure issue existed in the
processing of OpenGL shaders. This issue was addressed through
improved memory management.
CVE-2017-2424: Paul Thomson (using the GLFuzz tool) of the Multicore
Programming Group, Imperial College London
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2433: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2364: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
WebKit JavaScript Bindings
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2442: lokihardt of Google Project Zero
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Closing a window while paused in the debugger may lead to
unexpected application termination
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2377: Vicki Pfau
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2405: Apple
Installation note:
Safari 10.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGhF4QALEOLTqQHF6gZnvahvF3wasA
86D3oE4LHUVVSiRq5qLr0mT2Tm4/qQEwDrbUgA7lqR5jJ1ZxB+6cNJf8AeGYwSYs
NYx3kzhSV6y2Bw98JE3NIPbEsnYNKyYK6ExJLpwHbt1a9HdU+VY8Z4tJiEs3pCRW
ndC6znbfia9p9PkLcv+mwkCrGQetgjuTzEofPoUPy1EKvexWiKImrlhtDlNSPP2I
b1v7puQfGTH2iGecMvCIENTyNW7OOmRwN7bzs7S5m+ztGBq1Ti6auAT/59mSD5HI
CQgqfTYPvvIN6oowMiGsy5l5uIAXF7/5eP9jyf2ygewGvVY26gum/PGskhWERRHl
RwYOwCs5EEfPRj0z2m+8BcRe5YVfrB8A1mSHkPQU+UaScwYxh0kjN9fsQPT1PCSd
Ks8H+1FVgcbTH2zp4bYPgdupyerX8Dh2cC3Doaemp4qW0d+/v5mhSPHq4zIBQoJ6
C5TsVM7JyVOMHXHGpWooyPDVVtzb5/ve0UgCqJ1rTFEzOFuJN313hP5f00woguTY
4B0NV+XlVrfmk3CWy7vx0grs5vKC6Vgz8rDilLeBfmVqUlZ4Hn75W24pEHIa24sB
lPDffw4xrnGYFASDRC/Ch464/myq9TIETzTkW5zzLw4jLnIAXjpPWusiT6gKdQP8
GmR5lxoaaeZxH8hQc5ui
=p/K5
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
| VAR-201704-0825 | CVE-2017-2451 | plural Apple Vulnerability in the security component of a product that allows arbitrary code execution within a privileged context |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. Mac OS is an operating system that runs on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features.
A buffer overflow vulnerability exists in the "Security" component of many Apple products. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-5 watchOS 3.2
watchOS 3.2 is now available and addresses the following:
Audio
Available for: All Apple Watch models
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2430: an anonymous researcher working with Trend Microas
Zero Day Initiative
CVE-2017-2462: an anonymous researcher working with Trend Microas
Zero Day Initiative
Carbon
Available for: All Apple Watch models
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: A buffer overflow existed in the handling of font files.
This issue was addressed through improved bounds checking.
CVE-2017-2379: John Villamil, Doyensec, riusksk (ae3aY=) of Tencent
Security Platform Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An infinite recursion was addressed through improved
state management.
CVE-2017-2417: riusksk (ae3aY=) of Tencent Security Platform
Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2435: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2450: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted text message may lead to
application denial of service
Description: A resource exhaustion issue was addressed through
improved input validation.
CVE-2017-2461: Isaac Archambault of IDAoADI, an anonymous researcher
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2406: riusksk (ae3aY=) of Tencent Security Platform
Department
CVE-2017-2487: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Parsing a maliciously crafted font file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2407: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2439: John Villamil, Doyensec
HTTPProtocol
Available for: All Apple Watch models
Impact: A malicious HTTP/2 server may be able to cause undefined
behavior
Description: Multiple issues existed in nghttp2 before 1.17.0. These
were addressed by updating LibreSSL to version 1.17.0.
CVE-2017-2428
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2416: Qidan He (a1/2ae*a,1, @flanker_hqd) of KeenLab, Tencent
ImageIO
Available for: All Apple Watch models
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2432: an anonymous researcher working with Trend Micro's
Zero Day Initiative
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2467
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to unexpected
application termination
Description: An out-of-bound read existed in LibTIFF versions before
4.0.7. This was addressed by updating LibTIFF in ImageIO to version
4.0.7.
CVE-2016-3619
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2401: Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An integer overflow was addressed through improved input
validation.
CVE-2017-2440: an anonymous researcher
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with root privileges
Description: A race condition was addressed through improved memory
handling.
CVE-2017-2456: lokihardt of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2472: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2473: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An off-by-one issue was addressed through improved
bounds checking.
CVE-2017-2474: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed through improved locking.
CVE-2017-2478: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2482: Ian Beer of Google Project Zero
CVE-2017-2483: Ian Beer of Google Project Zero
Keyboards
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2458: Shashank (@cyberboyIndia)
libarchive
Available for: All Apple Watch models
Impact: A local attacker may be able to change file system
permissions on arbitrary directories
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2017-2390: Omer Medan of enSilo Ltd
libc++abi
Available for: All Apple Watch models
Impact: Demangling a malicious C++ application may lead to arbitrary
code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2451: Alex Radocea of Longterm Security, Inc.
Security
Available for: All Apple Watch models
Impact: Processing a maliciously crafted x509 certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the parsing of
certificates. This issue was addressed through improved input
validation.
CVE-2017-2485: Aleksandar Nikolic of Cisco Talos
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGnz8P/2pCIIMej7VvKEMeeOblPHII
ZwaSR8nzRIlL5IsPgPcq/e2vkZoyPs3ee5dQGX4yJTgzEY0FuD1S/NxeFntxFlzm
8Ei+PQJco8xdZtlL1HXjg+UlY0HAm1TJGYyriDPjbJiqCBRktv3ta/uzJY+yvXK8
3KtO0PXmEGFod9eyQZIRqFZ6GLxNdeFIxabp1SkOoiGk29jC3E9YjgR5qldMAjfN
AuYWiBBhMOmal8dbnamtcJh93ElzuXX77cCUlw7wQMz6NaqNS3FWaGEUHsxn6y/4
P8XIfwYAaoWhaCJpEari+GkxmmuXmtbuKyMTDQqCWQyG3ThkYDk6kKQNcQMDbxnh
pcyEB7WI9sRQ7CoFH7rmyl8BqQr4Ys0uGPtRDvCVO91kNUMYXeBiNC+StyqWt6Wd
3p/QUxYnM+kG8Zd0lMEaF3LNolr1w54APxMYD3sW3/tOmf8C7d6+qGTGlrumizkD
Z0zr/xRNNpd0m4PVmlNt7YJMjN6s1xJwpEUC1n4FyRifdQktqsKMrumq7VGplHYO
VNKToB3BuHHjTi2HOocvUXfj55htqrCxETEyHD7NhKVpLEf15vDgyXKFGgF95/HR
gomW+ApttZNiz/vOOoI9DL2ZSOnwzo5uO8W4GYSpDpQ36YaYQj/jei2MgtVqqKo+
bNi/H1Oquz40IhKoGR/B
=4Uvv
-----END PGP SIGNATURE-----
| VAR-201704-0834 | CVE-2017-2460 | plural Apple Used in products WebKit Vulnerable to arbitrary code execution |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities.
Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
===========================================================================
Ubuntu Security Notice USN-3257-1
April 10, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.10.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3257-1
CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392,
CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405,
CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442,
CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454,
CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460,
CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468,
CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: June 07, 2017
Bugs: #543650, #573656, #577068, #608958, #614876, #619788
ID: 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which allows remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
==========
[ 1 ] CVE-2015-2330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330
[ 2 ] CVE-2015-7096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096
[ 3 ] CVE-2015-7098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098
[ 4 ] CVE-2016-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723
[ 5 ] CVE-2016-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724
[ 6 ] CVE-2016-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725
[ 7 ] CVE-2016-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726
[ 8 ] CVE-2016-1727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727
[ 9 ] CVE-2016-1728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728
[ 10 ] CVE-2016-4692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692
[ 11 ] CVE-2016-4743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743
[ 12 ] CVE-2016-7586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586
[ 13 ] CVE-2016-7587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587
[ 14 ] CVE-2016-7589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589
[ 15 ] CVE-2016-7592
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592
[ 16 ] CVE-2016-7598
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598
[ 17 ] CVE-2016-7599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599
[ 18 ] CVE-2016-7610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610
[ 19 ] CVE-2016-7611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611
[ 20 ] CVE-2016-7623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623
[ 21 ] CVE-2016-7632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632
[ 22 ] CVE-2016-7635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635
[ 23 ] CVE-2016-7639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639
[ 24 ] CVE-2016-7640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640
[ 25 ] CVE-2016-7641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641
[ 26 ] CVE-2016-7642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642
[ 27 ] CVE-2016-7645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645
[ 28 ] CVE-2016-7646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646
[ 29 ] CVE-2016-7648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648
[ 30 ] CVE-2016-7649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649
[ 31 ] CVE-2016-7652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652
[ 32 ] CVE-2016-7654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654
[ 33 ] CVE-2016-7656
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656
[ 34 ] CVE-2016-9642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642
[ 35 ] CVE-2016-9643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643
[ 36 ] CVE-2017-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350
[ 37 ] CVE-2017-2354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354
[ 38 ] CVE-2017-2355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355
[ 39 ] CVE-2017-2356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356
[ 40 ] CVE-2017-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362
[ 41 ] CVE-2017-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363
[ 42 ] CVE-2017-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364
[ 43 ] CVE-2017-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365
[ 44 ] CVE-2017-2366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366
[ 45 ] CVE-2017-2367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367
[ 46 ] CVE-2017-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369
[ 47 ] CVE-2017-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371
[ 48 ] CVE-2017-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373
[ 49 ] CVE-2017-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376
[ 50 ] CVE-2017-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377
[ 51 ] CVE-2017-2386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386
[ 52 ] CVE-2017-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392
[ 53 ] CVE-2017-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394
[ 54 ] CVE-2017-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395
[ 55 ] CVE-2017-2396
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396
[ 56 ] CVE-2017-2405
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405
[ 57 ] CVE-2017-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415
[ 58 ] CVE-2017-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419
[ 59 ] CVE-2017-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433
[ 60 ] CVE-2017-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442
[ 61 ] CVE-2017-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445
[ 62 ] CVE-2017-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446
[ 63 ] CVE-2017-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447
[ 64 ] CVE-2017-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454
[ 65 ] CVE-2017-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455
[ 66 ] CVE-2017-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457
[ 67 ] CVE-2017-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459
[ 68 ] CVE-2017-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460
[ 69 ] CVE-2017-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464
[ 70 ] CVE-2017-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465
[ 71 ] CVE-2017-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466
[ 72 ] CVE-2017-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468
[ 73 ] CVE-2017-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469
[ 74 ] CVE-2017-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470
[ 75 ] CVE-2017-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471
[ 76 ] CVE-2017-2475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475
[ 77 ] CVE-2017-2476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476
[ 78 ] CVE-2017-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481
[ 79 ] CVE-2017-2496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496
[ 80 ] CVE-2017-2504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504
[ 81 ] CVE-2017-2505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505
[ 82 ] CVE-2017-2506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506
[ 83 ] CVE-2017-2508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508
[ 84 ] CVE-2017-2510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510
[ 85 ] CVE-2017-2514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514
[ 86 ] CVE-2017-2515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515
[ 87 ] CVE-2017-2521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521
[ 88 ] CVE-2017-2525
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525
[ 89 ] CVE-2017-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526
[ 90 ] CVE-2017-2528
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528
[ 91 ] CVE-2017-2530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530
[ 92 ] CVE-2017-2531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531
[ 93 ] CVE-2017-2536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536
[ 94 ] CVE-2017-2539
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539
[ 95 ] CVE-2017-2544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544
[ 96 ] CVE-2017-2547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547
[ 97 ] CVE-2017-2549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549
[ 98 ] CVE-2017-6980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980
[ 99 ] CVE-2017-6984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-2 Safari 10.1
Safari 10.1 is now available and addresses the following:
CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2017-2376: Chris Hlady of Google Inc, Muneaki Nishimura
(nishimunea) of Recruit Technologies Co., Ltd., Yuyang Zhou of
Tencent Security Platform Department (security.tencent.com), Michal
Zalewski of Google Inc, an anonymous researcher, an anonymous
researcher
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may present
authentication sheets over arbitrary web sites
Description: A spoofing issue existed in the handling of HTTP
authentication. This issue was addressed through making HTTP
authentication sheets non-modal.
CVE-2017-2389: ShenYeYinJiu of Tencent Security Response Center, TSRC
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: A spoofing issue existed in the handling of FaceTime
prompts. This issue was addressed through improved input validation.
CVE-2017-2453: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A local user may be able to access locked keychain items
Description: A keychain handling issue was addressed through improved
keychain item management.
CVE-2017-2385: Simon Woodside of MedStack
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Dragging and dropping a maliciously crafted link may lead to
bookmark spoofing or arbitrary code execution
Description: A validation issue existed in bookmark creation. This
issue was addressed through improved input validation.
CVE-2017-2378: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Natalie Silvanovich of Google Project Zero, Jeonghoon
Shin
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy
Description: An access issue existed in Content Security Policy. This
issue was addressed through improved access restrictions.
CVE-2017-2419: Nicolai Grødum of Cisco Systems
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An information disclosure issue existed in the
processing of OpenGL shaders. This issue was addressed through
improved memory management.
CVE-2017-2424: Paul Thomson (using the GLFuzz tool) of the Multicore
Programming Group, Imperial College London
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2433: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2364: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
WebKit JavaScript Bindings
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2442: lokihardt of Google Project Zero
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Closing a window while paused in the debugger may lead to
unexpected application termination
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2377: Vicki Pfau
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2405: Apple
Installation note:
Safari 10.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGhF4QALEOLTqQHF6gZnvahvF3wasA
86D3oE4LHUVVSiRq5qLr0mT2Tm4/qQEwDrbUgA7lqR5jJ1ZxB+6cNJf8AeGYwSYs
NYx3kzhSV6y2Bw98JE3NIPbEsnYNKyYK6ExJLpwHbt1a9HdU+VY8Z4tJiEs3pCRW
ndC6znbfia9p9PkLcv+mwkCrGQetgjuTzEofPoUPy1EKvexWiKImrlhtDlNSPP2I
b1v7puQfGTH2iGecMvCIENTyNW7OOmRwN7bzs7S5m+ztGBq1Ti6auAT/59mSD5HI
CQgqfTYPvvIN6oowMiGsy5l5uIAXF7/5eP9jyf2ygewGvVY26gum/PGskhWERRHl
RwYOwCs5EEfPRj0z2m+8BcRe5YVfrB8A1mSHkPQU+UaScwYxh0kjN9fsQPT1PCSd
Ks8H+1FVgcbTH2zp4bYPgdupyerX8Dh2cC3Doaemp4qW0d+/v5mhSPHq4zIBQoJ6
C5TsVM7JyVOMHXHGpWooyPDVVtzb5/ve0UgCqJ1rTFEzOFuJN313hP5f00woguTY
4B0NV+XlVrfmk3CWy7vx0grs5vKC6Vgz8rDilLeBfmVqUlZ4Hn75W24pEHIa24sB
lPDffw4xrnGYFASDRC/Ch464/myq9TIETzTkW5zzLw4jLnIAXjpPWusiT6gKdQP8
GmR5lxoaaeZxH8hQc5ui
=p/K5
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
| VAR-201704-0817 | CVE-2017-2443 | Apple macOS of Intel Graphics Driver Component vulnerable to arbitrary code execution in privileged context |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. This may aid in further attacks
| VAR-201704-0833 | CVE-2017-2459 | plural Apple Used in products WebKit Vulnerable to arbitrary code execution |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities.
Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
===========================================================================
Ubuntu Security Notice USN-3257-1
April 10, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.10.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3257-1
CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392,
CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405,
CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442,
CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454,
CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460,
CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468,
CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: June 07, 2017
Bugs: #543650, #573656, #577068, #608958, #614876, #619788
ID: 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which allows remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
==========
[ 1 ] CVE-2015-2330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330
[ 2 ] CVE-2015-7096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096
[ 3 ] CVE-2015-7098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098
[ 4 ] CVE-2016-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723
[ 5 ] CVE-2016-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724
[ 6 ] CVE-2016-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725
[ 7 ] CVE-2016-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726
[ 8 ] CVE-2016-1727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727
[ 9 ] CVE-2016-1728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728
[ 10 ] CVE-2016-4692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692
[ 11 ] CVE-2016-4743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743
[ 12 ] CVE-2016-7586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586
[ 13 ] CVE-2016-7587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587
[ 14 ] CVE-2016-7589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589
[ 15 ] CVE-2016-7592
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592
[ 16 ] CVE-2016-7598
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598
[ 17 ] CVE-2016-7599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599
[ 18 ] CVE-2016-7610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610
[ 19 ] CVE-2016-7611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611
[ 20 ] CVE-2016-7623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623
[ 21 ] CVE-2016-7632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632
[ 22 ] CVE-2016-7635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635
[ 23 ] CVE-2016-7639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639
[ 24 ] CVE-2016-7640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640
[ 25 ] CVE-2016-7641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641
[ 26 ] CVE-2016-7642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642
[ 27 ] CVE-2016-7645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645
[ 28 ] CVE-2016-7646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646
[ 29 ] CVE-2016-7648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648
[ 30 ] CVE-2016-7649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649
[ 31 ] CVE-2016-7652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652
[ 32 ] CVE-2016-7654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654
[ 33 ] CVE-2016-7656
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656
[ 34 ] CVE-2016-9642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642
[ 35 ] CVE-2016-9643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643
[ 36 ] CVE-2017-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350
[ 37 ] CVE-2017-2354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354
[ 38 ] CVE-2017-2355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355
[ 39 ] CVE-2017-2356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356
[ 40 ] CVE-2017-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362
[ 41 ] CVE-2017-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363
[ 42 ] CVE-2017-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364
[ 43 ] CVE-2017-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365
[ 44 ] CVE-2017-2366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366
[ 45 ] CVE-2017-2367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367
[ 46 ] CVE-2017-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369
[ 47 ] CVE-2017-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371
[ 48 ] CVE-2017-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373
[ 49 ] CVE-2017-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376
[ 50 ] CVE-2017-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377
[ 51 ] CVE-2017-2386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386
[ 52 ] CVE-2017-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392
[ 53 ] CVE-2017-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394
[ 54 ] CVE-2017-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395
[ 55 ] CVE-2017-2396
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396
[ 56 ] CVE-2017-2405
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405
[ 57 ] CVE-2017-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415
[ 58 ] CVE-2017-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419
[ 59 ] CVE-2017-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433
[ 60 ] CVE-2017-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442
[ 61 ] CVE-2017-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445
[ 62 ] CVE-2017-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446
[ 63 ] CVE-2017-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447
[ 64 ] CVE-2017-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454
[ 65 ] CVE-2017-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455
[ 66 ] CVE-2017-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457
[ 67 ] CVE-2017-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459
[ 68 ] CVE-2017-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460
[ 69 ] CVE-2017-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464
[ 70 ] CVE-2017-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465
[ 71 ] CVE-2017-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466
[ 72 ] CVE-2017-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468
[ 73 ] CVE-2017-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469
[ 74 ] CVE-2017-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470
[ 75 ] CVE-2017-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471
[ 76 ] CVE-2017-2475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475
[ 77 ] CVE-2017-2476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476
[ 78 ] CVE-2017-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481
[ 79 ] CVE-2017-2496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496
[ 80 ] CVE-2017-2504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504
[ 81 ] CVE-2017-2505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505
[ 82 ] CVE-2017-2506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506
[ 83 ] CVE-2017-2508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508
[ 84 ] CVE-2017-2510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510
[ 85 ] CVE-2017-2514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514
[ 86 ] CVE-2017-2515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515
[ 87 ] CVE-2017-2521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521
[ 88 ] CVE-2017-2525
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525
[ 89 ] CVE-2017-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526
[ 90 ] CVE-2017-2528
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528
[ 91 ] CVE-2017-2530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530
[ 92 ] CVE-2017-2531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531
[ 93 ] CVE-2017-2536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536
[ 94 ] CVE-2017-2539
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539
[ 95 ] CVE-2017-2544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544
[ 96 ] CVE-2017-2547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547
[ 97 ] CVE-2017-2549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549
[ 98 ] CVE-2017-6980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980
[ 99 ] CVE-2017-6984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-2 Safari 10.1
Safari 10.1 is now available and addresses the following:
CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2017-2376: Chris Hlady of Google Inc, Muneaki Nishimura
(nishimunea) of Recruit Technologies Co., Ltd., Yuyang Zhou of
Tencent Security Platform Department (security.tencent.com), Michal
Zalewski of Google Inc, an anonymous researcher, an anonymous
researcher
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may present
authentication sheets over arbitrary web sites
Description: A spoofing issue existed in the handling of HTTP
authentication. This issue was addressed through making HTTP
authentication sheets non-modal.
CVE-2017-2389: ShenYeYinJiu of Tencent Security Response Center, TSRC
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: A spoofing issue existed in the handling of FaceTime
prompts. This issue was addressed through improved input validation.
CVE-2017-2453: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A local user may be able to access locked keychain items
Description: A keychain handling issue was addressed through improved
keychain item management.
CVE-2017-2385: Simon Woodside of MedStack
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Dragging and dropping a maliciously crafted link may lead to
bookmark spoofing or arbitrary code execution
Description: A validation issue existed in bookmark creation. This
issue was addressed through improved input validation.
CVE-2017-2378: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Natalie Silvanovich of Google Project Zero, Jeonghoon
Shin
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy
Description: An access issue existed in Content Security Policy. This
issue was addressed through improved access restrictions.
CVE-2017-2419: Nicolai Grødum of Cisco Systems
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An information disclosure issue existed in the
processing of OpenGL shaders. This issue was addressed through
improved memory management.
CVE-2017-2424: Paul Thomson (using the GLFuzz tool) of the Multicore
Programming Group, Imperial College London
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2433: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2364: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
WebKit JavaScript Bindings
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2442: lokihardt of Google Project Zero
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Closing a window while paused in the debugger may lead to
unexpected application termination
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2377: Vicki Pfau
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2405: Apple
Installation note:
Safari 10.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGhF4QALEOLTqQHF6gZnvahvF3wasA
86D3oE4LHUVVSiRq5qLr0mT2Tm4/qQEwDrbUgA7lqR5jJ1ZxB+6cNJf8AeGYwSYs
NYx3kzhSV6y2Bw98JE3NIPbEsnYNKyYK6ExJLpwHbt1a9HdU+VY8Z4tJiEs3pCRW
ndC6znbfia9p9PkLcv+mwkCrGQetgjuTzEofPoUPy1EKvexWiKImrlhtDlNSPP2I
b1v7puQfGTH2iGecMvCIENTyNW7OOmRwN7bzs7S5m+ztGBq1Ti6auAT/59mSD5HI
CQgqfTYPvvIN6oowMiGsy5l5uIAXF7/5eP9jyf2ygewGvVY26gum/PGskhWERRHl
RwYOwCs5EEfPRj0z2m+8BcRe5YVfrB8A1mSHkPQU+UaScwYxh0kjN9fsQPT1PCSd
Ks8H+1FVgcbTH2zp4bYPgdupyerX8Dh2cC3Doaemp4qW0d+/v5mhSPHq4zIBQoJ6
C5TsVM7JyVOMHXHGpWooyPDVVtzb5/ve0UgCqJ1rTFEzOFuJN313hP5f00woguTY
4B0NV+XlVrfmk3CWy7vx0grs5vKC6Vgz8rDilLeBfmVqUlZ4Hn75W24pEHIa24sB
lPDffw4xrnGYFASDRC/Ch464/myq9TIETzTkW5zzLw4jLnIAXjpPWusiT6gKdQP8
GmR5lxoaaeZxH8hQc5ui
=p/K5
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
| VAR-201704-0824 | CVE-2017-2450 | plural Apple Product CoreText Vulnerabilities that can capture important information in components |
CVSS V2: 5.8 CVSS V3: 7.1 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. Mac OS is an operating system that runs on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable. CoreText is one of the text engines that can control text formatting and text layout. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-5 watchOS 3.2
watchOS 3.2 is now available and addresses the following:
Audio
Available for: All Apple Watch models
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2430: an anonymous researcher working with Trend Microas
Zero Day Initiative
CVE-2017-2462: an anonymous researcher working with Trend Microas
Zero Day Initiative
Carbon
Available for: All Apple Watch models
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: A buffer overflow existed in the handling of font files.
This issue was addressed through improved bounds checking.
CVE-2017-2379: John Villamil, Doyensec, riusksk (ae3aY=) of Tencent
Security Platform Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An infinite recursion was addressed through improved
state management.
CVE-2017-2417: riusksk (ae3aY=) of Tencent Security Platform
Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2435: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2450: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted text message may lead to
application denial of service
Description: A resource exhaustion issue was addressed through
improved input validation.
CVE-2017-2461: Isaac Archambault of IDAoADI, an anonymous researcher
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2406: riusksk (ae3aY=) of Tencent Security Platform
Department
CVE-2017-2487: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Parsing a maliciously crafted font file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2407: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2439: John Villamil, Doyensec
HTTPProtocol
Available for: All Apple Watch models
Impact: A malicious HTTP/2 server may be able to cause undefined
behavior
Description: Multiple issues existed in nghttp2 before 1.17.0. These
were addressed by updating LibreSSL to version 1.17.0.
CVE-2017-2428
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2416: Qidan He (a1/2ae*a,1, @flanker_hqd) of KeenLab, Tencent
ImageIO
Available for: All Apple Watch models
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2432: an anonymous researcher working with Trend Micro's
Zero Day Initiative
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2467
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to unexpected
application termination
Description: An out-of-bound read existed in LibTIFF versions before
4.0.7. This was addressed by updating LibTIFF in ImageIO to version
4.0.7.
CVE-2016-3619
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2401: Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An integer overflow was addressed through improved input
validation.
CVE-2017-2440: an anonymous researcher
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with root privileges
Description: A race condition was addressed through improved memory
handling.
CVE-2017-2456: lokihardt of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2472: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2473: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An off-by-one issue was addressed through improved
bounds checking.
CVE-2017-2474: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed through improved locking.
CVE-2017-2478: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2482: Ian Beer of Google Project Zero
CVE-2017-2483: Ian Beer of Google Project Zero
Keyboards
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2458: Shashank (@cyberboyIndia)
libarchive
Available for: All Apple Watch models
Impact: A local attacker may be able to change file system
permissions on arbitrary directories
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2017-2390: Omer Medan of enSilo Ltd
libc++abi
Available for: All Apple Watch models
Impact: Demangling a malicious C++ application may lead to arbitrary
code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2441
Security
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
root privileges
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2451: Alex Radocea of Longterm Security, Inc.
Security
Available for: All Apple Watch models
Impact: Processing a maliciously crafted x509 certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the parsing of
certificates. This issue was addressed through improved input
validation.
CVE-2017-2485: Aleksandar Nikolic of Cisco Talos
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGnz8P/2pCIIMej7VvKEMeeOblPHII
ZwaSR8nzRIlL5IsPgPcq/e2vkZoyPs3ee5dQGX4yJTgzEY0FuD1S/NxeFntxFlzm
8Ei+PQJco8xdZtlL1HXjg+UlY0HAm1TJGYyriDPjbJiqCBRktv3ta/uzJY+yvXK8
3KtO0PXmEGFod9eyQZIRqFZ6GLxNdeFIxabp1SkOoiGk29jC3E9YjgR5qldMAjfN
AuYWiBBhMOmal8dbnamtcJh93ElzuXX77cCUlw7wQMz6NaqNS3FWaGEUHsxn6y/4
P8XIfwYAaoWhaCJpEari+GkxmmuXmtbuKyMTDQqCWQyG3ThkYDk6kKQNcQMDbxnh
pcyEB7WI9sRQ7CoFH7rmyl8BqQr4Ys0uGPtRDvCVO91kNUMYXeBiNC+StyqWt6Wd
3p/QUxYnM+kG8Zd0lMEaF3LNolr1w54APxMYD3sW3/tOmf8C7d6+qGTGlrumizkD
Z0zr/xRNNpd0m4PVmlNt7YJMjN6s1xJwpEUC1n4FyRifdQktqsKMrumq7VGplHYO
VNKToB3BuHHjTi2HOocvUXfj55htqrCxETEyHD7NhKVpLEf15vDgyXKFGgF95/HR
gomW+ApttZNiz/vOOoI9DL2ZSOnwzo5uO8W4GYSpDpQ36YaYQj/jei2MgtVqqKo+
bNi/H1Oquz40IhKoGR/B
=4Uvv
-----END PGP SIGNATURE-----
| VAR-201704-0815 | CVE-2017-2441 | plural Apple Product libc++abi Vulnerability in arbitrary code execution in components |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "libc++abi" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted C++ app that is mishandled during demangling. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. Mac OS is an operating system that runs on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features.
The "libc ++ abi" component of many Apple products has a memory misreference vulnerability. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable. libc++abi is one of the implementations of standard C++ library support. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-5 watchOS 3.2
watchOS 3.2 is now available and addresses the following:
Audio
Available for: All Apple Watch models
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2430: an anonymous researcher working with Trend Microas
Zero Day Initiative
CVE-2017-2462: an anonymous researcher working with Trend Microas
Zero Day Initiative
Carbon
Available for: All Apple Watch models
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: A buffer overflow existed in the handling of font files.
This issue was addressed through improved bounds checking.
CVE-2017-2379: John Villamil, Doyensec, riusksk (ae3aY=) of Tencent
Security Platform Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An infinite recursion was addressed through improved
state management.
CVE-2017-2417: riusksk (ae3aY=) of Tencent Security Platform
Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2435: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2450: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted text message may lead to
application denial of service
Description: A resource exhaustion issue was addressed through
improved input validation.
CVE-2017-2461: Isaac Archambault of IDAoADI, an anonymous researcher
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2406: riusksk (ae3aY=) of Tencent Security Platform
Department
CVE-2017-2487: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Parsing a maliciously crafted font file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2407: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2439: John Villamil, Doyensec
HTTPProtocol
Available for: All Apple Watch models
Impact: A malicious HTTP/2 server may be able to cause undefined
behavior
Description: Multiple issues existed in nghttp2 before 1.17.0. These
were addressed by updating LibreSSL to version 1.17.0.
CVE-2017-2428
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2416: Qidan He (a1/2ae*a,1, @flanker_hqd) of KeenLab, Tencent
ImageIO
Available for: All Apple Watch models
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2432: an anonymous researcher working with Trend Micro's
Zero Day Initiative
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2467
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to unexpected
application termination
Description: An out-of-bound read existed in LibTIFF versions before
4.0.7. This was addressed by updating LibTIFF in ImageIO to version
4.0.7.
CVE-2016-3619
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2401: Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An integer overflow was addressed through improved input
validation.
CVE-2017-2440: an anonymous researcher
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with root privileges
Description: A race condition was addressed through improved memory
handling.
CVE-2017-2456: lokihardt of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2472: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2473: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An off-by-one issue was addressed through improved
bounds checking.
CVE-2017-2474: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed through improved locking.
CVE-2017-2478: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2482: Ian Beer of Google Project Zero
CVE-2017-2483: Ian Beer of Google Project Zero
Keyboards
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2458: Shashank (@cyberboyIndia)
libarchive
Available for: All Apple Watch models
Impact: A local attacker may be able to change file system
permissions on arbitrary directories
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2017-2441
Security
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
root privileges
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2451: Alex Radocea of Longterm Security, Inc.
Security
Available for: All Apple Watch models
Impact: Processing a maliciously crafted x509 certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the parsing of
certificates. This issue was addressed through improved input
validation.
CVE-2017-2485: Aleksandar Nikolic of Cisco Talos
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGnz8P/2pCIIMej7VvKEMeeOblPHII
ZwaSR8nzRIlL5IsPgPcq/e2vkZoyPs3ee5dQGX4yJTgzEY0FuD1S/NxeFntxFlzm
8Ei+PQJco8xdZtlL1HXjg+UlY0HAm1TJGYyriDPjbJiqCBRktv3ta/uzJY+yvXK8
3KtO0PXmEGFod9eyQZIRqFZ6GLxNdeFIxabp1SkOoiGk29jC3E9YjgR5qldMAjfN
AuYWiBBhMOmal8dbnamtcJh93ElzuXX77cCUlw7wQMz6NaqNS3FWaGEUHsxn6y/4
P8XIfwYAaoWhaCJpEari+GkxmmuXmtbuKyMTDQqCWQyG3ThkYDk6kKQNcQMDbxnh
pcyEB7WI9sRQ7CoFH7rmyl8BqQr4Ys0uGPtRDvCVO91kNUMYXeBiNC+StyqWt6Wd
3p/QUxYnM+kG8Zd0lMEaF3LNolr1w54APxMYD3sW3/tOmf8C7d6+qGTGlrumizkD
Z0zr/xRNNpd0m4PVmlNt7YJMjN6s1xJwpEUC1n4FyRifdQktqsKMrumq7VGplHYO
VNKToB3BuHHjTi2HOocvUXfj55htqrCxETEyHD7NhKVpLEf15vDgyXKFGgF95/HR
gomW+ApttZNiz/vOOoI9DL2ZSOnwzo5uO8W4GYSpDpQ36YaYQj/jei2MgtVqqKo+
bNi/H1Oquz40IhKoGR/B
=4Uvv
-----END PGP SIGNATURE-----
| VAR-201704-0821 | CVE-2017-2447 | plural Apple Used in products WebKit Vulnerability in which important information is obtained |
CVSS V2: 5.8 CVSS V3: 8.1 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities.
Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
===========================================================================
Ubuntu Security Notice USN-3257-1
April 10, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.10.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3257-1
CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392,
CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405,
CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442,
CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454,
CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460,
CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468,
CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: June 07, 2017
Bugs: #543650, #573656, #577068, #608958, #614876, #619788
ID: 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which allows remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
==========
[ 1 ] CVE-2015-2330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330
[ 2 ] CVE-2015-7096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096
[ 3 ] CVE-2015-7098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098
[ 4 ] CVE-2016-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723
[ 5 ] CVE-2016-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724
[ 6 ] CVE-2016-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725
[ 7 ] CVE-2016-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726
[ 8 ] CVE-2016-1727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727
[ 9 ] CVE-2016-1728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728
[ 10 ] CVE-2016-4692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692
[ 11 ] CVE-2016-4743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743
[ 12 ] CVE-2016-7586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586
[ 13 ] CVE-2016-7587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587
[ 14 ] CVE-2016-7589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589
[ 15 ] CVE-2016-7592
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592
[ 16 ] CVE-2016-7598
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598
[ 17 ] CVE-2016-7599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599
[ 18 ] CVE-2016-7610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610
[ 19 ] CVE-2016-7611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611
[ 20 ] CVE-2016-7623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623
[ 21 ] CVE-2016-7632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632
[ 22 ] CVE-2016-7635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635
[ 23 ] CVE-2016-7639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639
[ 24 ] CVE-2016-7640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640
[ 25 ] CVE-2016-7641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641
[ 26 ] CVE-2016-7642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642
[ 27 ] CVE-2016-7645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645
[ 28 ] CVE-2016-7646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646
[ 29 ] CVE-2016-7648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648
[ 30 ] CVE-2016-7649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649
[ 31 ] CVE-2016-7652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652
[ 32 ] CVE-2016-7654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654
[ 33 ] CVE-2016-7656
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656
[ 34 ] CVE-2016-9642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642
[ 35 ] CVE-2016-9643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643
[ 36 ] CVE-2017-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350
[ 37 ] CVE-2017-2354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354
[ 38 ] CVE-2017-2355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355
[ 39 ] CVE-2017-2356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356
[ 40 ] CVE-2017-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362
[ 41 ] CVE-2017-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363
[ 42 ] CVE-2017-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364
[ 43 ] CVE-2017-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365
[ 44 ] CVE-2017-2366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366
[ 45 ] CVE-2017-2367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367
[ 46 ] CVE-2017-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369
[ 47 ] CVE-2017-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371
[ 48 ] CVE-2017-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373
[ 49 ] CVE-2017-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376
[ 50 ] CVE-2017-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377
[ 51 ] CVE-2017-2386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386
[ 52 ] CVE-2017-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392
[ 53 ] CVE-2017-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394
[ 54 ] CVE-2017-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395
[ 55 ] CVE-2017-2396
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396
[ 56 ] CVE-2017-2405
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405
[ 57 ] CVE-2017-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415
[ 58 ] CVE-2017-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419
[ 59 ] CVE-2017-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433
[ 60 ] CVE-2017-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442
[ 61 ] CVE-2017-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445
[ 62 ] CVE-2017-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446
[ 63 ] CVE-2017-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447
[ 64 ] CVE-2017-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454
[ 65 ] CVE-2017-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455
[ 66 ] CVE-2017-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457
[ 67 ] CVE-2017-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459
[ 68 ] CVE-2017-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460
[ 69 ] CVE-2017-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464
[ 70 ] CVE-2017-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465
[ 71 ] CVE-2017-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466
[ 72 ] CVE-2017-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468
[ 73 ] CVE-2017-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469
[ 74 ] CVE-2017-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470
[ 75 ] CVE-2017-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471
[ 76 ] CVE-2017-2475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475
[ 77 ] CVE-2017-2476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476
[ 78 ] CVE-2017-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481
[ 79 ] CVE-2017-2496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496
[ 80 ] CVE-2017-2504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504
[ 81 ] CVE-2017-2505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505
[ 82 ] CVE-2017-2506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506
[ 83 ] CVE-2017-2508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508
[ 84 ] CVE-2017-2510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510
[ 85 ] CVE-2017-2514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514
[ 86 ] CVE-2017-2515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515
[ 87 ] CVE-2017-2521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521
[ 88 ] CVE-2017-2525
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525
[ 89 ] CVE-2017-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526
[ 90 ] CVE-2017-2528
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528
[ 91 ] CVE-2017-2530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530
[ 92 ] CVE-2017-2531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531
[ 93 ] CVE-2017-2536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536
[ 94 ] CVE-2017-2539
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539
[ 95 ] CVE-2017-2544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544
[ 96 ] CVE-2017-2547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547
[ 97 ] CVE-2017-2549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549
[ 98 ] CVE-2017-6980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980
[ 99 ] CVE-2017-6984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-2 Safari 10.1
Safari 10.1 is now available and addresses the following:
CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2017-2376: Chris Hlady of Google Inc, Muneaki Nishimura
(nishimunea) of Recruit Technologies Co., Ltd., Yuyang Zhou of
Tencent Security Platform Department (security.tencent.com), Michal
Zalewski of Google Inc, an anonymous researcher, an anonymous
researcher
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may present
authentication sheets over arbitrary web sites
Description: A spoofing issue existed in the handling of HTTP
authentication. This issue was addressed through making HTTP
authentication sheets non-modal.
CVE-2017-2389: ShenYeYinJiu of Tencent Security Response Center, TSRC
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: A spoofing issue existed in the handling of FaceTime
prompts. This issue was addressed through improved input validation.
CVE-2017-2453: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A local user may be able to access locked keychain items
Description: A keychain handling issue was addressed through improved
keychain item management.
CVE-2017-2385: Simon Woodside of MedStack
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Dragging and dropping a maliciously crafted link may lead to
bookmark spoofing or arbitrary code execution
Description: A validation issue existed in bookmark creation. This
issue was addressed through improved input validation.
CVE-2017-2378: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Natalie Silvanovich of Google Project Zero, Jeonghoon
Shin
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy
Description: An access issue existed in Content Security Policy. This
issue was addressed through improved access restrictions.
CVE-2017-2419: Nicolai Grødum of Cisco Systems
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An information disclosure issue existed in the
processing of OpenGL shaders. This issue was addressed through
improved memory management.
CVE-2017-2424: Paul Thomson (using the GLFuzz tool) of the Multicore
Programming Group, Imperial College London
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2433: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2364: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
WebKit JavaScript Bindings
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2442: lokihardt of Google Project Zero
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Closing a window while paused in the debugger may lead to
unexpected application termination
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2377: Vicki Pfau
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2405: Apple
Installation note:
Safari 10.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGhF4QALEOLTqQHF6gZnvahvF3wasA
86D3oE4LHUVVSiRq5qLr0mT2Tm4/qQEwDrbUgA7lqR5jJ1ZxB+6cNJf8AeGYwSYs
NYx3kzhSV6y2Bw98JE3NIPbEsnYNKyYK6ExJLpwHbt1a9HdU+VY8Z4tJiEs3pCRW
ndC6znbfia9p9PkLcv+mwkCrGQetgjuTzEofPoUPy1EKvexWiKImrlhtDlNSPP2I
b1v7puQfGTH2iGecMvCIENTyNW7OOmRwN7bzs7S5m+ztGBq1Ti6auAT/59mSD5HI
CQgqfTYPvvIN6oowMiGsy5l5uIAXF7/5eP9jyf2ygewGvVY26gum/PGskhWERRHl
RwYOwCs5EEfPRj0z2m+8BcRe5YVfrB8A1mSHkPQU+UaScwYxh0kjN9fsQPT1PCSd
Ks8H+1FVgcbTH2zp4bYPgdupyerX8Dh2cC3Doaemp4qW0d+/v5mhSPHq4zIBQoJ6
C5TsVM7JyVOMHXHGpWooyPDVVtzb5/ve0UgCqJ1rTFEzOFuJN313hP5f00woguTY
4B0NV+XlVrfmk3CWy7vx0grs5vKC6Vgz8rDilLeBfmVqUlZ4Hn75W24pEHIa24sB
lPDffw4xrnGYFASDRC/Ch464/myq9TIETzTkW5zzLw4jLnIAXjpPWusiT6gKdQP8
GmR5lxoaaeZxH8hQc5ui
=p/K5
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
| VAR-201704-0828 | CVE-2017-2454 | plural Apple Used in products WebKit Vulnerable to arbitrary code execution |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS , Safari ,and tvOS Used in etc. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Node objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. WebKit is prone to multiple security vulnerabilities.
Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
===========================================================================
Ubuntu Security Notice USN-3257-1
April 10, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.10.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3257-1
CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392,
CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405,
CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442,
CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454,
CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460,
CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468,
CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: June 07, 2017
Bugs: #543650, #573656, #577068, #608958, #614876, #619788
ID: 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which allows remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
==========
[ 1 ] CVE-2015-2330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330
[ 2 ] CVE-2015-7096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096
[ 3 ] CVE-2015-7098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098
[ 4 ] CVE-2016-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723
[ 5 ] CVE-2016-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724
[ 6 ] CVE-2016-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725
[ 7 ] CVE-2016-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726
[ 8 ] CVE-2016-1727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727
[ 9 ] CVE-2016-1728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728
[ 10 ] CVE-2016-4692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692
[ 11 ] CVE-2016-4743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743
[ 12 ] CVE-2016-7586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586
[ 13 ] CVE-2016-7587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587
[ 14 ] CVE-2016-7589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589
[ 15 ] CVE-2016-7592
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592
[ 16 ] CVE-2016-7598
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598
[ 17 ] CVE-2016-7599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599
[ 18 ] CVE-2016-7610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610
[ 19 ] CVE-2016-7611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611
[ 20 ] CVE-2016-7623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623
[ 21 ] CVE-2016-7632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632
[ 22 ] CVE-2016-7635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635
[ 23 ] CVE-2016-7639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639
[ 24 ] CVE-2016-7640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640
[ 25 ] CVE-2016-7641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641
[ 26 ] CVE-2016-7642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642
[ 27 ] CVE-2016-7645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645
[ 28 ] CVE-2016-7646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646
[ 29 ] CVE-2016-7648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648
[ 30 ] CVE-2016-7649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649
[ 31 ] CVE-2016-7652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652
[ 32 ] CVE-2016-7654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654
[ 33 ] CVE-2016-7656
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656
[ 34 ] CVE-2016-9642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642
[ 35 ] CVE-2016-9643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643
[ 36 ] CVE-2017-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350
[ 37 ] CVE-2017-2354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354
[ 38 ] CVE-2017-2355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355
[ 39 ] CVE-2017-2356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356
[ 40 ] CVE-2017-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362
[ 41 ] CVE-2017-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363
[ 42 ] CVE-2017-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364
[ 43 ] CVE-2017-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365
[ 44 ] CVE-2017-2366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366
[ 45 ] CVE-2017-2367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367
[ 46 ] CVE-2017-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369
[ 47 ] CVE-2017-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371
[ 48 ] CVE-2017-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373
[ 49 ] CVE-2017-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376
[ 50 ] CVE-2017-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377
[ 51 ] CVE-2017-2386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386
[ 52 ] CVE-2017-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392
[ 53 ] CVE-2017-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394
[ 54 ] CVE-2017-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395
[ 55 ] CVE-2017-2396
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396
[ 56 ] CVE-2017-2405
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405
[ 57 ] CVE-2017-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415
[ 58 ] CVE-2017-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419
[ 59 ] CVE-2017-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433
[ 60 ] CVE-2017-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442
[ 61 ] CVE-2017-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445
[ 62 ] CVE-2017-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446
[ 63 ] CVE-2017-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447
[ 64 ] CVE-2017-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454
[ 65 ] CVE-2017-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455
[ 66 ] CVE-2017-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457
[ 67 ] CVE-2017-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459
[ 68 ] CVE-2017-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460
[ 69 ] CVE-2017-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464
[ 70 ] CVE-2017-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465
[ 71 ] CVE-2017-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466
[ 72 ] CVE-2017-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468
[ 73 ] CVE-2017-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469
[ 74 ] CVE-2017-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470
[ 75 ] CVE-2017-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471
[ 76 ] CVE-2017-2475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475
[ 77 ] CVE-2017-2476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476
[ 78 ] CVE-2017-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481
[ 79 ] CVE-2017-2496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496
[ 80 ] CVE-2017-2504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504
[ 81 ] CVE-2017-2505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505
[ 82 ] CVE-2017-2506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506
[ 83 ] CVE-2017-2508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508
[ 84 ] CVE-2017-2510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510
[ 85 ] CVE-2017-2514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514
[ 86 ] CVE-2017-2515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515
[ 87 ] CVE-2017-2521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521
[ 88 ] CVE-2017-2525
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525
[ 89 ] CVE-2017-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526
[ 90 ] CVE-2017-2528
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528
[ 91 ] CVE-2017-2530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530
[ 92 ] CVE-2017-2531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531
[ 93 ] CVE-2017-2536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536
[ 94 ] CVE-2017-2539
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539
[ 95 ] CVE-2017-2544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544
[ 96 ] CVE-2017-2547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547
[ 97 ] CVE-2017-2549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549
[ 98 ] CVE-2017-6980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980
[ 99 ] CVE-2017-6984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-2 Safari 10.1
Safari 10.1 is now available and addresses the following:
CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2017-2376: Chris Hlady of Google Inc, Muneaki Nishimura
(nishimunea) of Recruit Technologies Co., Ltd., Yuyang Zhou of
Tencent Security Platform Department (security.tencent.com), Michal
Zalewski of Google Inc, an anonymous researcher, an anonymous
researcher
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may present
authentication sheets over arbitrary web sites
Description: A spoofing issue existed in the handling of HTTP
authentication. This issue was addressed through making HTTP
authentication sheets non-modal.
CVE-2017-2389: ShenYeYinJiu of Tencent Security Response Center, TSRC
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: A spoofing issue existed in the handling of FaceTime
prompts. This issue was addressed through improved input validation.
CVE-2017-2453: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A local user may be able to access locked keychain items
Description: A keychain handling issue was addressed through improved
keychain item management.
CVE-2017-2385: Simon Woodside of MedStack
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Dragging and dropping a maliciously crafted link may lead to
bookmark spoofing or arbitrary code execution
Description: A validation issue existed in bookmark creation. This
issue was addressed through improved input validation.
CVE-2017-2378: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Natalie Silvanovich of Google Project Zero, Jeonghoon
Shin
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy
Description: An access issue existed in Content Security Policy. This
issue was addressed through improved access restrictions.
CVE-2017-2419: Nicolai Grødum of Cisco Systems
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An information disclosure issue existed in the
processing of OpenGL shaders. This issue was addressed through
improved memory management.
CVE-2017-2424: Paul Thomson (using the GLFuzz tool) of the Multicore
Programming Group, Imperial College London
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2433: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2364: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
WebKit JavaScript Bindings
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2442: lokihardt of Google Project Zero
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Closing a window while paused in the debugger may lead to
unexpected application termination
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2377: Vicki Pfau
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2405: Apple
Installation note:
Safari 10.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGhF4QALEOLTqQHF6gZnvahvF3wasA
86D3oE4LHUVVSiRq5qLr0mT2Tm4/qQEwDrbUgA7lqR5jJ1ZxB+6cNJf8AeGYwSYs
NYx3kzhSV6y2Bw98JE3NIPbEsnYNKyYK6ExJLpwHbt1a9HdU+VY8Z4tJiEs3pCRW
ndC6znbfia9p9PkLcv+mwkCrGQetgjuTzEofPoUPy1EKvexWiKImrlhtDlNSPP2I
b1v7puQfGTH2iGecMvCIENTyNW7OOmRwN7bzs7S5m+ztGBq1Ti6auAT/59mSD5HI
CQgqfTYPvvIN6oowMiGsy5l5uIAXF7/5eP9jyf2ygewGvVY26gum/PGskhWERRHl
RwYOwCs5EEfPRj0z2m+8BcRe5YVfrB8A1mSHkPQU+UaScwYxh0kjN9fsQPT1PCSd
Ks8H+1FVgcbTH2zp4bYPgdupyerX8Dh2cC3Doaemp4qW0d+/v5mhSPHq4zIBQoJ6
C5TsVM7JyVOMHXHGpWooyPDVVtzb5/ve0UgCqJ1rTFEzOFuJN313hP5f00woguTY
4B0NV+XlVrfmk3CWy7vx0grs5vKC6Vgz8rDilLeBfmVqUlZ4Hn75W24pEHIa24sB
lPDffw4xrnGYFASDRC/Ch464/myq9TIETzTkW5zzLw4jLnIAXjpPWusiT6gKdQP8
GmR5lxoaaeZxH8hQc5ui
=p/K5
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
| VAR-201704-0819 | CVE-2017-2445 | plural Apple Used in products WebKit Vulnerable to universal cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities.
Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
===========================================================================
Ubuntu Security Notice USN-3257-1
April 10, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.10.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3257-1
CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392,
CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405,
CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442,
CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454,
CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460,
CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468,
CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: June 07, 2017
Bugs: #543650, #573656, #577068, #608958, #614876, #619788
ID: 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which allows remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
======
A remote attack can use multiple vectors to execute arbitrary code or
cause a denial of service condition.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
==========
[ 1 ] CVE-2015-2330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330
[ 2 ] CVE-2015-7096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096
[ 3 ] CVE-2015-7098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098
[ 4 ] CVE-2016-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723
[ 5 ] CVE-2016-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724
[ 6 ] CVE-2016-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725
[ 7 ] CVE-2016-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726
[ 8 ] CVE-2016-1727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727
[ 9 ] CVE-2016-1728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728
[ 10 ] CVE-2016-4692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692
[ 11 ] CVE-2016-4743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743
[ 12 ] CVE-2016-7586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586
[ 13 ] CVE-2016-7587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587
[ 14 ] CVE-2016-7589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589
[ 15 ] CVE-2016-7592
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592
[ 16 ] CVE-2016-7598
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598
[ 17 ] CVE-2016-7599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599
[ 18 ] CVE-2016-7610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610
[ 19 ] CVE-2016-7611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611
[ 20 ] CVE-2016-7623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623
[ 21 ] CVE-2016-7632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632
[ 22 ] CVE-2016-7635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635
[ 23 ] CVE-2016-7639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639
[ 24 ] CVE-2016-7640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640
[ 25 ] CVE-2016-7641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641
[ 26 ] CVE-2016-7642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642
[ 27 ] CVE-2016-7645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645
[ 28 ] CVE-2016-7646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646
[ 29 ] CVE-2016-7648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648
[ 30 ] CVE-2016-7649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649
[ 31 ] CVE-2016-7652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652
[ 32 ] CVE-2016-7654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654
[ 33 ] CVE-2016-7656
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656
[ 34 ] CVE-2016-9642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642
[ 35 ] CVE-2016-9643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643
[ 36 ] CVE-2017-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350
[ 37 ] CVE-2017-2354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354
[ 38 ] CVE-2017-2355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355
[ 39 ] CVE-2017-2356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356
[ 40 ] CVE-2017-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362
[ 41 ] CVE-2017-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363
[ 42 ] CVE-2017-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364
[ 43 ] CVE-2017-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365
[ 44 ] CVE-2017-2366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366
[ 45 ] CVE-2017-2367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367
[ 46 ] CVE-2017-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369
[ 47 ] CVE-2017-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371
[ 48 ] CVE-2017-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373
[ 49 ] CVE-2017-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376
[ 50 ] CVE-2017-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377
[ 51 ] CVE-2017-2386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386
[ 52 ] CVE-2017-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392
[ 53 ] CVE-2017-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394
[ 54 ] CVE-2017-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395
[ 55 ] CVE-2017-2396
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396
[ 56 ] CVE-2017-2405
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405
[ 57 ] CVE-2017-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415
[ 58 ] CVE-2017-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419
[ 59 ] CVE-2017-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433
[ 60 ] CVE-2017-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442
[ 61 ] CVE-2017-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445
[ 62 ] CVE-2017-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446
[ 63 ] CVE-2017-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447
[ 64 ] CVE-2017-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454
[ 65 ] CVE-2017-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455
[ 66 ] CVE-2017-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457
[ 67 ] CVE-2017-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459
[ 68 ] CVE-2017-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460
[ 69 ] CVE-2017-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464
[ 70 ] CVE-2017-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465
[ 71 ] CVE-2017-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466
[ 72 ] CVE-2017-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468
[ 73 ] CVE-2017-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469
[ 74 ] CVE-2017-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470
[ 75 ] CVE-2017-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471
[ 76 ] CVE-2017-2475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475
[ 77 ] CVE-2017-2476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476
[ 78 ] CVE-2017-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481
[ 79 ] CVE-2017-2496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496
[ 80 ] CVE-2017-2504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504
[ 81 ] CVE-2017-2505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505
[ 82 ] CVE-2017-2506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506
[ 83 ] CVE-2017-2508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508
[ 84 ] CVE-2017-2510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510
[ 85 ] CVE-2017-2514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514
[ 86 ] CVE-2017-2515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515
[ 87 ] CVE-2017-2521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521
[ 88 ] CVE-2017-2525
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525
[ 89 ] CVE-2017-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526
[ 90 ] CVE-2017-2528
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528
[ 91 ] CVE-2017-2530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530
[ 92 ] CVE-2017-2531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531
[ 93 ] CVE-2017-2536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536
[ 94 ] CVE-2017-2539
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539
[ 95 ] CVE-2017-2544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544
[ 96 ] CVE-2017-2547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547
[ 97 ] CVE-2017-2549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549
[ 98 ] CVE-2017-6980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980
[ 99 ] CVE-2017-6984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-2 Safari 10.1
Safari 10.1 is now available and addresses the following:
CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2017-2376: Chris Hlady of Google Inc, Muneaki Nishimura
(nishimunea) of Recruit Technologies Co., Ltd., Yuyang Zhou of
Tencent Security Platform Department (security.tencent.com), Michal
Zalewski of Google Inc, an anonymous researcher, an anonymous
researcher
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may present
authentication sheets over arbitrary web sites
Description: A spoofing issue existed in the handling of HTTP
authentication. This issue was addressed through making HTTP
authentication sheets non-modal.
CVE-2017-2389: ShenYeYinJiu of Tencent Security Response Center, TSRC
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: A spoofing issue existed in the handling of FaceTime
prompts. This issue was addressed through improved input validation.
CVE-2017-2453: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A local user may be able to access locked keychain items
Description: A keychain handling issue was addressed through improved
keychain item management.
CVE-2017-2385: Simon Woodside of MedStack
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Dragging and dropping a maliciously crafted link may lead to
bookmark spoofing or arbitrary code execution
Description: A validation issue existed in bookmark creation. This
issue was addressed through improved input validation.
CVE-2017-2378: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Natalie Silvanovich of Google Project Zero, Jeonghoon
Shin
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy
Description: An access issue existed in Content Security Policy. This
issue was addressed through improved access restrictions.
CVE-2017-2419: Nicolai Grødum of Cisco Systems
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An information disclosure issue existed in the
processing of OpenGL shaders. This issue was addressed through
improved memory management.
CVE-2017-2424: Paul Thomson (using the GLFuzz tool) of the Multicore
Programming Group, Imperial College London
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2433: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2364: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
WebKit JavaScript Bindings
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2442: lokihardt of Google Project Zero
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Closing a window while paused in the debugger may lead to
unexpected application termination
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2377: Vicki Pfau
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2405: Apple
Installation note:
Safari 10.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGhF4QALEOLTqQHF6gZnvahvF3wasA
86D3oE4LHUVVSiRq5qLr0mT2Tm4/qQEwDrbUgA7lqR5jJ1ZxB+6cNJf8AeGYwSYs
NYx3kzhSV6y2Bw98JE3NIPbEsnYNKyYK6ExJLpwHbt1a9HdU+VY8Z4tJiEs3pCRW
ndC6znbfia9p9PkLcv+mwkCrGQetgjuTzEofPoUPy1EKvexWiKImrlhtDlNSPP2I
b1v7puQfGTH2iGecMvCIENTyNW7OOmRwN7bzs7S5m+ztGBq1Ti6auAT/59mSD5HI
CQgqfTYPvvIN6oowMiGsy5l5uIAXF7/5eP9jyf2ygewGvVY26gum/PGskhWERRHl
RwYOwCs5EEfPRj0z2m+8BcRe5YVfrB8A1mSHkPQU+UaScwYxh0kjN9fsQPT1PCSd
Ks8H+1FVgcbTH2zp4bYPgdupyerX8Dh2cC3Doaemp4qW0d+/v5mhSPHq4zIBQoJ6
C5TsVM7JyVOMHXHGpWooyPDVVtzb5/ve0UgCqJ1rTFEzOFuJN313hP5f00woguTY
4B0NV+XlVrfmk3CWy7vx0grs5vKC6Vgz8rDilLeBfmVqUlZ4Hn75W24pEHIa24sB
lPDffw4xrnGYFASDRC/Ch464/myq9TIETzTkW5zzLw4jLnIAXjpPWusiT6gKdQP8
GmR5lxoaaeZxH8hQc5ui
=p/K5
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
| VAR-201704-0807 | CVE-2017-2484 | Apple iOS of Phone Vulnerabilities sent to arbitrary numbers in components |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Phone" component. It allows attackers to trigger telephone calls to arbitrary numbers via a third-party app. Apple iOS of Phone The component contains a vulnerability that is sent to any number.An attacker could call any number through a third-party application. Apple iOS is prone to multiple security vulnerabilities.
Attackers can exploit these issues to obtain sensitive information, bypass security restrictions and perform unauthorized actions, will result in the execution of arbitrary script code in the browser of an unsuspecting user in the context of the affected site or gain sensitive information. Apple iOS is an operating system developed by Apple (Apple) for mobile devices
| VAR-201704-0809 | CVE-2017-2486 | Apple iOS Used in etc. Webkit Vulnerable to address bar spoofing |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site. Apple macOS/iOS is prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in the WebKit component of Apple iOS versions prior to 10.3 and Safari versions prior to 10.1
| VAR-201704-0808 | CVE-2017-2485 | plural Apple Vulnerability in arbitrary code execution in product security components |
CVSS V2: 9.3 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted X.509 certificate file. Apple iOS, WatchOS, macOS and tvOS are prone to a memory corruption vulnerability. Failed exploit attempts may result in a denial-of-service condition.
The following versions are affected:
Versions prior to Apple iOS 10.2
Versions prior to Apple watchOS 3.1.1
Versions prior to Apple tvOS 10.1
Versions prior to Apple macOS 10.12.4. in the United States. Apple iOS is an operating system developed for mobile devices; watchOS is a smart watch operating system; tvOS is a smart TV operating system
| VAR-201704-0810 | CVE-2017-2487 | plural Apple Product FontParser Vulnerability in arbitrary code execution in components |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. MacOS is a set of operating systems running on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable. FontParser is one of the font parsing components
| VAR-201704-0806 | CVE-2017-2483 | plural Apple Buffer overflow vulnerability in product kernel component |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. MacOS is a set of operating systems running on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable
| VAR-201704-0805 | CVE-2017-2482 | plural Apple Buffer overflow vulnerability in product kernel component |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. MacOS is a set of operating systems running on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable
| VAR-201704-0814 | CVE-2017-2440 | plural Apple Vulnerability in the kernel component of a product that allows arbitrary code execution in privileged contexts |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow) via a crafted app. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV.
Mac OS is an operating system that runs on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features.
There are integer overflows in the "Kernel" component of many Apple products. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-5 watchOS 3.2
watchOS 3.2 is now available and addresses the following:
Audio
Available for: All Apple Watch models
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2430: an anonymous researcher working with Trend Microas
Zero Day Initiative
CVE-2017-2462: an anonymous researcher working with Trend Microas
Zero Day Initiative
Carbon
Available for: All Apple Watch models
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: A buffer overflow existed in the handling of font files.
This issue was addressed through improved bounds checking.
CVE-2017-2379: John Villamil, Doyensec, riusksk (ae3aY=) of Tencent
Security Platform Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An infinite recursion was addressed through improved
state management.
CVE-2017-2417: riusksk (ae3aY=) of Tencent Security Platform
Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2435: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2450: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted text message may lead to
application denial of service
Description: A resource exhaustion issue was addressed through
improved input validation.
CVE-2017-2461: Isaac Archambault of IDAoADI, an anonymous researcher
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2406: riusksk (ae3aY=) of Tencent Security Platform
Department
CVE-2017-2487: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Parsing a maliciously crafted font file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2407: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2439: John Villamil, Doyensec
HTTPProtocol
Available for: All Apple Watch models
Impact: A malicious HTTP/2 server may be able to cause undefined
behavior
Description: Multiple issues existed in nghttp2 before 1.17.0. These
were addressed by updating LibreSSL to version 1.17.0.
CVE-2017-2428
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2416: Qidan He (a1/2ae*a,1, @flanker_hqd) of KeenLab, Tencent
ImageIO
Available for: All Apple Watch models
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2432: an anonymous researcher working with Trend Micro's
Zero Day Initiative
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2467
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to unexpected
application termination
Description: An out-of-bound read existed in LibTIFF versions before
4.0.7. This was addressed by updating LibTIFF in ImageIO to version
4.0.7.
CVE-2016-3619
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2440: an anonymous researcher
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with root privileges
Description: A race condition was addressed through improved memory
handling.
CVE-2017-2456: lokihardt of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2472: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2473: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An off-by-one issue was addressed through improved
bounds checking.
CVE-2017-2474: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed through improved locking.
CVE-2017-2478: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2482: Ian Beer of Google Project Zero
CVE-2017-2483: Ian Beer of Google Project Zero
Keyboards
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2458: Shashank (@cyberboyIndia)
libarchive
Available for: All Apple Watch models
Impact: A local attacker may be able to change file system
permissions on arbitrary directories
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2017-2390: Omer Medan of enSilo Ltd
libc++abi
Available for: All Apple Watch models
Impact: Demangling a malicious C++ application may lead to arbitrary
code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2441
Security
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
root privileges
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2451: Alex Radocea of Longterm Security, Inc.
Security
Available for: All Apple Watch models
Impact: Processing a maliciously crafted x509 certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the parsing of
certificates. This issue was addressed through improved input
validation.
CVE-2017-2485: Aleksandar Nikolic of Cisco Talos
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGnz8P/2pCIIMej7VvKEMeeOblPHII
ZwaSR8nzRIlL5IsPgPcq/e2vkZoyPs3ee5dQGX4yJTgzEY0FuD1S/NxeFntxFlzm
8Ei+PQJco8xdZtlL1HXjg+UlY0HAm1TJGYyriDPjbJiqCBRktv3ta/uzJY+yvXK8
3KtO0PXmEGFod9eyQZIRqFZ6GLxNdeFIxabp1SkOoiGk29jC3E9YjgR5qldMAjfN
AuYWiBBhMOmal8dbnamtcJh93ElzuXX77cCUlw7wQMz6NaqNS3FWaGEUHsxn6y/4
P8XIfwYAaoWhaCJpEari+GkxmmuXmtbuKyMTDQqCWQyG3ThkYDk6kKQNcQMDbxnh
pcyEB7WI9sRQ7CoFH7rmyl8BqQr4Ys0uGPtRDvCVO91kNUMYXeBiNC+StyqWt6Wd
3p/QUxYnM+kG8Zd0lMEaF3LNolr1w54APxMYD3sW3/tOmf8C7d6+qGTGlrumizkD
Z0zr/xRNNpd0m4PVmlNt7YJMjN6s1xJwpEUC1n4FyRifdQktqsKMrumq7VGplHYO
VNKToB3BuHHjTi2HOocvUXfj55htqrCxETEyHD7NhKVpLEf15vDgyXKFGgF95/HR
gomW+ApttZNiz/vOOoI9DL2ZSOnwzo5uO8W4GYSpDpQ36YaYQj/jei2MgtVqqKo+
bNi/H1Oquz40IhKoGR/B
=4Uvv
-----END PGP SIGNATURE-----
| VAR-201704-0801 | CVE-2017-2478 | plural Apple Vulnerability in the kernel component of a product that allows arbitrary code execution in privileged contexts |
CVSS V2: 7.6 CVSS V3: 7.0 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. MacOS is a set of operating systems running on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable
| VAR-201704-0813 | CVE-2017-2439 | plural Apple Product FontParser Vulnerabilities that can capture important information in components |
CVSS V2: 5.8 CVSS V3: 7.1 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. Mac OS is an operating system that runs on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features. Apple iOS, tvOS, macOS and watchOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, perform unauthorized actions and gain elevated privileges; this may aid in launching further attacks.
Versions prior to iOS 10.3, watchOS 3.2, macOS 10.12.4, and tvOS 10.2 are vulnerable. FontParser is one of the font parsing components. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-5 watchOS 3.2
watchOS 3.2 is now available and addresses the following:
Audio
Available for: All Apple Watch models
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2430: an anonymous researcher working with Trend Microas
Zero Day Initiative
CVE-2017-2462: an anonymous researcher working with Trend Microas
Zero Day Initiative
Carbon
Available for: All Apple Watch models
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: A buffer overflow existed in the handling of font files.
This issue was addressed through improved bounds checking.
CVE-2017-2379: John Villamil, Doyensec, riusksk (ae3aY=) of Tencent
Security Platform Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An infinite recursion was addressed through improved
state management.
CVE-2017-2417: riusksk (ae3aY=) of Tencent Security Platform
Department
CoreGraphics
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2435: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2450: John Villamil, Doyensec
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted text message may lead to
application denial of service
Description: A resource exhaustion issue was addressed through
improved input validation.
CVE-2017-2461: Isaac Archambault of IDAoADI, an anonymous researcher
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2406: riusksk (ae3aY=) of Tencent Security Platform
Department
CVE-2017-2487: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Parsing a maliciously crafted font file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2407: riusksk (ae3aY=) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2439: John Villamil, Doyensec
HTTPProtocol
Available for: All Apple Watch models
Impact: A malicious HTTP/2 server may be able to cause undefined
behavior
Description: Multiple issues existed in nghttp2 before 1.17.0. These
were addressed by updating LibreSSL to version 1.17.0.
CVE-2017-2428
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2416: Qidan He (a1/2ae*a,1, @flanker_hqd) of KeenLab, Tencent
ImageIO
Available for: All Apple Watch models
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2432: an anonymous researcher working with Trend Micro's
Zero Day Initiative
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2467
ImageIO
Available for: All Apple Watch models
Impact: Processing a maliciously crafted image may lead to unexpected
application termination
Description: An out-of-bound read existed in LibTIFF versions before
4.0.7. This was addressed by updating LibTIFF in ImageIO to version
4.0.7.
CVE-2016-3619
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2401: Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An integer overflow was addressed through improved input
validation.
CVE-2017-2440: an anonymous researcher
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with root privileges
Description: A race condition was addressed through improved memory
handling.
CVE-2017-2456: lokihardt of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2472: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2473: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An off-by-one issue was addressed through improved
bounds checking.
CVE-2017-2474: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed through improved locking.
CVE-2017-2478: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2482: Ian Beer of Google Project Zero
CVE-2017-2483: Ian Beer of Google Project Zero
Keyboards
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2458: Shashank (@cyberboyIndia)
libarchive
Available for: All Apple Watch models
Impact: A local attacker may be able to change file system
permissions on arbitrary directories
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2017-2390: Omer Medan of enSilo Ltd
libc++abi
Available for: All Apple Watch models
Impact: Demangling a malicious C++ application may lead to arbitrary
code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2441
Security
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
root privileges
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2451: Alex Radocea of Longterm Security, Inc.
Security
Available for: All Apple Watch models
Impact: Processing a maliciously crafted x509 certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the parsing of
certificates. This issue was addressed through improved input
validation.
CVE-2017-2485: Aleksandar Nikolic of Cisco Talos
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGnz8P/2pCIIMej7VvKEMeeOblPHII
ZwaSR8nzRIlL5IsPgPcq/e2vkZoyPs3ee5dQGX4yJTgzEY0FuD1S/NxeFntxFlzm
8Ei+PQJco8xdZtlL1HXjg+UlY0HAm1TJGYyriDPjbJiqCBRktv3ta/uzJY+yvXK8
3KtO0PXmEGFod9eyQZIRqFZ6GLxNdeFIxabp1SkOoiGk29jC3E9YjgR5qldMAjfN
AuYWiBBhMOmal8dbnamtcJh93ElzuXX77cCUlw7wQMz6NaqNS3FWaGEUHsxn6y/4
P8XIfwYAaoWhaCJpEari+GkxmmuXmtbuKyMTDQqCWQyG3ThkYDk6kKQNcQMDbxnh
pcyEB7WI9sRQ7CoFH7rmyl8BqQr4Ys0uGPtRDvCVO91kNUMYXeBiNC+StyqWt6Wd
3p/QUxYnM+kG8Zd0lMEaF3LNolr1w54APxMYD3sW3/tOmf8C7d6+qGTGlrumizkD
Z0zr/xRNNpd0m4PVmlNt7YJMjN6s1xJwpEUC1n4FyRifdQktqsKMrumq7VGplHYO
VNKToB3BuHHjTi2HOocvUXfj55htqrCxETEyHD7NhKVpLEf15vDgyXKFGgF95/HR
gomW+ApttZNiz/vOOoI9DL2ZSOnwzo5uO8W4GYSpDpQ36YaYQj/jei2MgtVqqKo+
bNi/H1Oquz40IhKoGR/B
=4Uvv
-----END PGP SIGNATURE-----
| VAR-201704-0820 | CVE-2017-2446 | plural Apple Used in products WebKit Vulnerable to arbitrary code execution |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode functions. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
===========================================================================
Ubuntu Security Notice USN-3257-1
April 10, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.10.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3257-1
CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2376, CVE-2017-2377, CVE-2017-2386, CVE-2017-2392,
CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405,
CVE-2017-2415, CVE-2017-2419, CVE-2017-2433, CVE-2017-2442,
CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454,
CVE-2017-2455, CVE-2017-2457, CVE-2017-2459, CVE-2017-2460,
CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468,
CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: June 07, 2017
Bugs: #543650, #573656, #577068, #608958, #614876, #619788
ID: 201706-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which allows remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
==========
[ 1 ] CVE-2015-2330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330
[ 2 ] CVE-2015-7096
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096
[ 3 ] CVE-2015-7098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098
[ 4 ] CVE-2016-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723
[ 5 ] CVE-2016-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724
[ 6 ] CVE-2016-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725
[ 7 ] CVE-2016-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726
[ 8 ] CVE-2016-1727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727
[ 9 ] CVE-2016-1728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728
[ 10 ] CVE-2016-4692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692
[ 11 ] CVE-2016-4743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743
[ 12 ] CVE-2016-7586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586
[ 13 ] CVE-2016-7587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587
[ 14 ] CVE-2016-7589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589
[ 15 ] CVE-2016-7592
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592
[ 16 ] CVE-2016-7598
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598
[ 17 ] CVE-2016-7599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599
[ 18 ] CVE-2016-7610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610
[ 19 ] CVE-2016-7611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611
[ 20 ] CVE-2016-7623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623
[ 21 ] CVE-2016-7632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632
[ 22 ] CVE-2016-7635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635
[ 23 ] CVE-2016-7639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639
[ 24 ] CVE-2016-7640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640
[ 25 ] CVE-2016-7641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641
[ 26 ] CVE-2016-7642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642
[ 27 ] CVE-2016-7645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645
[ 28 ] CVE-2016-7646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646
[ 29 ] CVE-2016-7648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648
[ 30 ] CVE-2016-7649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649
[ 31 ] CVE-2016-7652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652
[ 32 ] CVE-2016-7654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654
[ 33 ] CVE-2016-7656
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656
[ 34 ] CVE-2016-9642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642
[ 35 ] CVE-2016-9643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643
[ 36 ] CVE-2017-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350
[ 37 ] CVE-2017-2354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354
[ 38 ] CVE-2017-2355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355
[ 39 ] CVE-2017-2356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356
[ 40 ] CVE-2017-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362
[ 41 ] CVE-2017-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363
[ 42 ] CVE-2017-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364
[ 43 ] CVE-2017-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365
[ 44 ] CVE-2017-2366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366
[ 45 ] CVE-2017-2367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367
[ 46 ] CVE-2017-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369
[ 47 ] CVE-2017-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371
[ 48 ] CVE-2017-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373
[ 49 ] CVE-2017-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376
[ 50 ] CVE-2017-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377
[ 51 ] CVE-2017-2386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386
[ 52 ] CVE-2017-2392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392
[ 53 ] CVE-2017-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394
[ 54 ] CVE-2017-2395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395
[ 55 ] CVE-2017-2396
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396
[ 56 ] CVE-2017-2405
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405
[ 57 ] CVE-2017-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415
[ 58 ] CVE-2017-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419
[ 59 ] CVE-2017-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433
[ 60 ] CVE-2017-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442
[ 61 ] CVE-2017-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445
[ 62 ] CVE-2017-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446
[ 63 ] CVE-2017-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447
[ 64 ] CVE-2017-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454
[ 65 ] CVE-2017-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455
[ 66 ] CVE-2017-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457
[ 67 ] CVE-2017-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459
[ 68 ] CVE-2017-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460
[ 69 ] CVE-2017-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464
[ 70 ] CVE-2017-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465
[ 71 ] CVE-2017-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466
[ 72 ] CVE-2017-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468
[ 73 ] CVE-2017-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469
[ 74 ] CVE-2017-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470
[ 75 ] CVE-2017-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471
[ 76 ] CVE-2017-2475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475
[ 77 ] CVE-2017-2476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476
[ 78 ] CVE-2017-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481
[ 79 ] CVE-2017-2496
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496
[ 80 ] CVE-2017-2504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504
[ 81 ] CVE-2017-2505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505
[ 82 ] CVE-2017-2506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506
[ 83 ] CVE-2017-2508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508
[ 84 ] CVE-2017-2510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510
[ 85 ] CVE-2017-2514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514
[ 86 ] CVE-2017-2515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515
[ 87 ] CVE-2017-2521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521
[ 88 ] CVE-2017-2525
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525
[ 89 ] CVE-2017-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526
[ 90 ] CVE-2017-2528
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528
[ 91 ] CVE-2017-2530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530
[ 92 ] CVE-2017-2531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531
[ 93 ] CVE-2017-2536
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536
[ 94 ] CVE-2017-2539
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539
[ 95 ] CVE-2017-2544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544
[ 96 ] CVE-2017-2547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547
[ 97 ] CVE-2017-2549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549
[ 98 ] CVE-2017-6980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980
[ 99 ] CVE-2017-6984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-2 Safari 10.1
Safari 10.1 is now available and addresses the following:
CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2017-2376: Chris Hlady of Google Inc, Muneaki Nishimura
(nishimunea) of Recruit Technologies Co., Ltd., Yuyang Zhou of
Tencent Security Platform Department (security.tencent.com), Michal
Zalewski of Google Inc, an anonymous researcher, an anonymous
researcher
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may present
authentication sheets over arbitrary web sites
Description: A spoofing issue existed in the handling of HTTP
authentication. This issue was addressed through making HTTP
authentication sheets non-modal.
CVE-2017-2389: ShenYeYinJiu of Tencent Security Response Center, TSRC
Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: A spoofing issue existed in the handling of FaceTime
prompts. This issue was addressed through improved input validation.
CVE-2017-2453: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A local user may be able to access locked keychain items
Description: A keychain handling issue was addressed through improved
keychain item management.
CVE-2017-2385: Simon Woodside of MedStack
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Dragging and dropping a maliciously crafted link may lead to
bookmark spoofing or arbitrary code execution
Description: A validation issue existed in bookmark creation. This
issue was addressed through improved input validation.
CVE-2017-2378: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Natalie Silvanovich of Google Project Zero, Jeonghoon
Shin
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
unexpectedly unenforced Content Security Policy
Description: An access issue existed in Content Security Policy. This
issue was addressed through improved access restrictions.
CVE-2017-2419: Nicolai Grødum of Cisco Systems
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An information disclosure issue existed in the
processing of OpenGL shaders. This issue was addressed through
improved memory management.
CVE-2017-2424: Paul Thomson (using the GLFuzz tool) of the Multicore
Programming Group, Imperial College London
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2433: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2364: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2471: Ivan Fratric of Google Project Zero
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
WebKit JavaScript Bindings
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2442: lokihardt of Google Project Zero
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Closing a window while paused in the debugger may lead to
unexpected application termination
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2377: Vicki Pfau
WebKit Web Inspector
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2405: Apple
Installation note:
Safari 10.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGhF4QALEOLTqQHF6gZnvahvF3wasA
86D3oE4LHUVVSiRq5qLr0mT2Tm4/qQEwDrbUgA7lqR5jJ1ZxB+6cNJf8AeGYwSYs
NYx3kzhSV6y2Bw98JE3NIPbEsnYNKyYK6ExJLpwHbt1a9HdU+VY8Z4tJiEs3pCRW
ndC6znbfia9p9PkLcv+mwkCrGQetgjuTzEofPoUPy1EKvexWiKImrlhtDlNSPP2I
b1v7puQfGTH2iGecMvCIENTyNW7OOmRwN7bzs7S5m+ztGBq1Ti6auAT/59mSD5HI
CQgqfTYPvvIN6oowMiGsy5l5uIAXF7/5eP9jyf2ygewGvVY26gum/PGskhWERRHl
RwYOwCs5EEfPRj0z2m+8BcRe5YVfrB8A1mSHkPQU+UaScwYxh0kjN9fsQPT1PCSd
Ks8H+1FVgcbTH2zp4bYPgdupyerX8Dh2cC3Doaemp4qW0d+/v5mhSPHq4zIBQoJ6
C5TsVM7JyVOMHXHGpWooyPDVVtzb5/ve0UgCqJ1rTFEzOFuJN313hP5f00woguTY
4B0NV+XlVrfmk3CWy7vx0grs5vKC6Vgz8rDilLeBfmVqUlZ4Hn75W24pEHIa24sB
lPDffw4xrnGYFASDRC/Ch464/myq9TIETzTkW5zzLw4jLnIAXjpPWusiT6gKdQP8
GmR5lxoaaeZxH8hQc5ui
=p/K5
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/