15 matches found
SUSE: Security Advisory (SUSE-SU-2017:2933-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for webkit2gtk3 (important)
This update for webkit2gtk3 to version 2.18.0 fixes the following issues: These security issues were fixed: - CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site...
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2017:2933-1)
This update for webkit2gtk3 to version 2.18.0 fixes the following issues: These security issues were fixed : - CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted website...
Fedora 24 : webkitgtk4 (2017-9d572cc64a)
This update addresses the following vulnerabilities : - CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Additional fixes : - Fix rendering of spin buttons with GTK+ = 3.20 when the...
Fedora 25 : webkitgtk4 (2017-73d6a0dfbb)
This update addresses the following vulnerabilities : - CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Additional fixes : - Fix rendering of spin buttons with GTK+ = 3.20 when the...
iTunes < 12.6.2 Multiple Vulnerabilities
Binary data 700168.prm...
WebKit: JSC: UXSS via JSObject::putInlineSlow and JSValue::putToPrimitive(CVE-2017-7037)
JSObject::putInlineSlow and JSValue::putToPrimitive use getPrototypeDirect instead of getPrototype to get an object's prototype. So JSDOMWindow::getPrototype which checks the Same Origin Policy is not called. The PoC shows to call a setter of another origin's object. PoC 1 -...
CVE-2017-7037
creationtimestamp| type| source ---|---|--- 2017-07-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42378...
Apple iOS < 10.3.3 Multiple Vulnerabilities
Binary data appleios1033check.nbin...
WebKit JSC JSObject::putInlineSlow / JSValue::putToPrimitive XSS
WebKit: JSC: UXSS via JSObject::putInlineSlow and JSValue::putToPrimitive CVE-2017-7037 JSObject::putInlineSlow and JSValue::putToPrimitive use getPrototypeDirect instead of getPrototype to get an object's prototype. So JSDOMWindow::getPrototype which checks the Same Origin Policy is not called...
Apple iTunes < 12.6.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.6.2. It is, therefore, affected by multiple vulnerabilities : - Multiple out-of-bounds read errors exist in the libxml2 component due to improper handling of specially crafted XML documents. An unauthenticated, remote...
macOS : Apple Safari < 10.1.2 Multiple Vulnerabilities
The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 10.1.2. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the WebKit component due to improper handling of SVG filters. An unauthenticated, remote...
CVE-2017-7037
CVE-2017-7037 affects WebKit in multiple Apple platforms (iOS before 10.3.3, Safari before 10.1.2, tvOS before 10.2.2, iCloud/iTunes on Windows). Root issue: memory handling/processing of malicious web content in WebKit could allow arbitrary code execution or cross-origin data leakage when handli...
CVE-2017-7037
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote...
About the security content of iCloud for Windows 6.2.2
About the security content of iCloud for Windows 6.2.2 This document describes the security content of iCloud for Windows 6.2.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...