16 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-7064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected...
Apple Webkit Authentication Bypass (CVE-2017-7064)
An authentication bypass vulnerability exists in Apple Webkit. Successful exploitation of this vulnerability could allow a remote attacker to gain access to a target system...
Security update for webkit2gtk3 (important)
This update for webkit2gtk3 to version 2.18.0 fixes the following issues: These security issues were fixed: - CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site...
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2017:2933-1)
This update for webkit2gtk3 to version 2.18.0 fixes the following issues: These security issues were fixed : - CVE-2017-7039: An issue was fixed that allowed remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted website...
Fedora 24 : webkitgtk4 (2017-9d572cc64a)
This update addresses the following vulnerabilities : - CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Additional fixes : - Fix rendering of spin buttons with GTK+ = 3.20 when the...
Fedora 25 : webkitgtk4 (2017-73d6a0dfbb)
This update addresses the following vulnerabilities : - CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Additional fixes : - Fix rendering of spin buttons with GTK+ = 3.20 when the...
WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy(CVE-2017-7064)
WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy Here's a snippet of JSArray::appendMemcpy. bool JSArray::appendMemcpyExecState exec, VM& vm, unsigned startIndex, JSC::JSArray otherArray auto scope = DECLARETHROWSCOPEvm; if !canFastCopyvm, otherArray return false; IndexingType type =...
iTunes < 12.6.2 Multiple Vulnerabilities
Binary data 700168.prm...
CVE-2017-7064
creationtimestamp| type| source ---|---|--- 2017-07-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42375...
WebKit JSC JSArray::appendMemcpy Uninitialized Memory Copy
WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy CVE-2017-7064 WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy Here's a snippet of JSArray::appendMemcpy. bool JSArray::appendMemcpyExecState exec, VM& vm, unsigned startIndex, JSC::JSArray otherArray auto scope =...
Apple iTunes < 12.6.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.6.2. It is, therefore, affected by multiple vulnerabilities : - Multiple out-of-bounds read errors exist in the libxml2 component due to improper handling of specially crafted XML documents. An unauthenticated, remote...
WebKit JSC JSArray::appendMemcpy Uninitialized Memory Copy Vulnerability
WebKit suffers from a JSC JSArray::appendMemcpy uninitialized memory copy vulnerability. WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy CVE-2017-7064 WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy Here's a snippet of JSArray::appendMemcpy. bool...
macOS : Apple Safari < 10.1.2 Multiple Vulnerabilities
The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 10.1.2. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the WebKit component due to improper handling of SVG filters. An unauthenticated, remote...
CVE-2017-7064
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-rea...
CVE-2017-7064
CVE-2017-7064 affects WebKit-based components across Apple and WebKitGTK+ ecosystems. The issue is a memory access/read restriction bypass in the WebKit component, exploitable via crafted web content. Affected products include iOS 10.3.x, Safari 10.x, and WebKitGTK+ shipped with GTK+ deployments ...
About the security content of iCloud for Windows 6.2.2
About the security content of iCloud for Windows 6.2.2 This document describes the security content of iCloud for Windows 6.2.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...