CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS
Percentile
68.2%
An issue was discovered in certain Apple products. iOS before 10.3.3 is
affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected.
The issue involves the “WebKit” component. It allows remote attackers to
conduct a timing side-channel attack to bypass the Same Origin Policy and
obtain sensitive information via a crafted web site that uses SVG filters.
www.securitytracker.com/id/1038950
launchpad.net/bugs/cve/CVE-2017-7006
nvd.nist.gov/vuln/detail/CVE-2017-7006
security-tracker.debian.org/tracker/CVE-2017-7006
support.apple.com/HT207921
support.apple.com/HT207923
support.apple.com/HT207924
webkitgtk.org/security/WSA-2017-0006.html
www.cve.org/CVERecord?id=CVE-2017-7006
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS
Percentile
68.2%