Lucene search
K

5 matches found

Packet Storm
Packet Storm
•added 2017/04/09 12:0 a.m.•54 views

Apple WebKit disconnectSubframes UXSS

Apple WebKit: UXSS via disconnectSubframes CVE-2017-2445 When an element is removed from a document, the function |disconnectSubframes| is called to detach its subframesiframe tag, object tag, etc.. Here is a snippet of |disconnectSubframes|. void disconnectSubframesContainerNode& root,...

4.3CVSS0.04237EPSS
Exploits3
seebug.org
seebug.org
•added 2017/04/04 12:0 a.m.•33 views

Apple WebKit: UXSS via disconnectSubframes (CVE-2017-2445)

When an element is removed from a document, the function |disconnectSubframes| is called to detach its subframesiframe tag, object tag, etc.. Here is a snippet of |disconnectSubframes|. void disconnectSubframesContainerNode& root, SubframeDisconnectPolicy policy ... Vector frameOwners; if policy ...

4.3CVSS7.4AI score0.04237EPSS
Exploits3
Circl
Circl
•added 2017/04/04 12:0 a.m.•12 views

CVE-2017-2445

creationtimestamp| type| source ---|---|--- 2017-04-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41802...

6.1CVSS6.8AI score0.04237EPSS
Exploits3References1
OSV
OSV
•added 2017/04/02 1:59 a.m.•4 views

CVE-2017-2445

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via crafted frame objects...

6.1CVSS5AI score
Exploits0References7
CVE
CVE
•added 2017/04/02 1:36 a.m.•116 views

CVE-2017-2445

CVE-2017-2445 is a UXSS/ cross-site scripting issue in WebKit used by Safari on iOS (and Safari/tvOS WebKit variants). The root cause is a validation/memory handling weakness in frame objects that can be triggered by crafted web content, enabling remote UXSS attacks. Affected platforms include iO...

6.1CVSS5.8AI score0.04237EPSS
Exploits3References7Affected Software3
Rows per page
Query Builder