cvelistv5 - CVE-2017-2360

CVE-2017-2360 (GCVE-0-2017-2360)

Vulnerability from cvelistv5 – Published: 2017-02-20 08:35 – Updated: 2024-08-05 13:48

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	http://www.securityfocus.com/bid/95729	vdb-entryx_refsource_BID
	https://support.apple.com/HT207487	x_refsource_CONFIRM
	https://support.apple.com/HT207483	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/95731	vdb-entryx_refsource_BID
	https://support.apple.com/HT207485	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/41165/	exploitx_refsource_EXPLOIT-DB
	https://support.apple.com/HT207482	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037668	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:48:05.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95729",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95729"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT207487"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT207483"
          },
          {
            "name": "95731",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95731"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT207485"
          },
          {
            "name": "41165",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41165/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT207482"
          },
          {
            "name": "1037668",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037668"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-02-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-01T09:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "95729",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95729"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT207487"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT207483"
        },
        {
          "name": "95731",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95731"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT207485"
        },
        {
          "name": "41165",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41165/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT207482"
        },
        {
          "name": "1037668",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037668"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2017-2360",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95729",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95729"
            },
            {
              "name": "https://support.apple.com/HT207487",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT207487"
            },
            {
              "name": "https://support.apple.com/HT207483",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT207483"
            },
            {
              "name": "95731",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95731"
            },
            {
              "name": "https://support.apple.com/HT207485",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT207485"
            },
            {
              "name": "41165",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41165/"
            },
            {
              "name": "https://support.apple.com/HT207482",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT207482"
            },
            {
              "name": "1037668",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037668"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2017-2360",
    "datePublished": "2017-02-20T08:35:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-08-05T13:48:05.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.2.1\", \"matchCriteriaId\": \"9F9688ED-4532-49E5-80C8-C59D0017D3CB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.12.3\", \"matchCriteriaId\": \"2C0A5654-F7F3-44BB-8435-58CBA014E30F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.1.1\", \"matchCriteriaId\": \"1E8B1972-710B-4BEC-A25D-D429929A5D80\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.1.3\", \"matchCriteriaId\": \"C9540262-A485-409C-862B-81F607E120B7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:webkitgtk:webkitgtk\\\\+:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.16.3\", \"matchCriteriaId\": \"1DA72FCA-BC36-46FE-89F4-087C01633348\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \\\"Kernel\\\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 est\\u00e1 afectado. macOS en versiones anteriores a 10.12.3 est\\u00e1 afectado. tvOS en versiones anteriores a 10.1.1 est\\u00e1 afectado. watchOS en versiones anteriores a 3.1.3 est\\u00e1 afectado. El problema involucra al componente \\\"Kernel\\\". Esto permite a atacantes ejecutar c\\u00f3digo arbitrario en un contexto privilegiado o provocar una denegaci\\u00f3n de servicio (uso despu\\u00e9s de liberaci\\u00f3n de memoria) a trav\\u00e9s de una aplicaci\\u00f3n manipulada.\"}]",
      "id": "CVE-2017-2360",
      "lastModified": "2024-11-21T03:23:21.940",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-02-20T08:59:04.980",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/95729\", \"source\": \"product-security@apple.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/95731\", \"source\": \"product-security@apple.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037668\", \"source\": \"product-security@apple.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.apple.com/HT207482\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207483\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207485\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207487\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41165/\", \"source\": \"product-security@apple.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/95729\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/95731\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037668\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.apple.com/HT207482\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207483\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207485\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41165/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "product-security@apple.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-2360\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2017-02-20T08:59:04.980\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \\\"Kernel\\\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 est\u00e1 afectado. macOS en versiones anteriores a 10.12.3 est\u00e1 afectado. tvOS en versiones anteriores a 10.1.1 est\u00e1 afectado. watchOS en versiones anteriores a 3.1.3 est\u00e1 afectado. El problema involucra al componente \\\"Kernel\\\". Esto permite a atacantes ejecutar c\u00f3digo arbitrario en un contexto privilegiado o provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n de memoria) a trav\u00e9s de una aplicaci\u00f3n manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2.1\",\"matchCriteriaId\":\"9F9688ED-4532-49E5-80C8-C59D0017D3CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.12.3\",\"matchCriteriaId\":\"2C0A5654-F7F3-44BB-8435-58CBA014E30F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.1.1\",\"matchCriteriaId\":\"1E8B1972-710B-4BEC-A25D-D429929A5D80\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.1.3\",\"matchCriteriaId\":\"C9540262-A485-409C-862B-81F607E120B7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webkitgtk:webkitgtk\\\\+:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.16.3\",\"matchCriteriaId\":\"1DA72FCA-BC36-46FE-89F4-087C01633348\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/95729\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/95731\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037668\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.apple.com/HT207482\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207483\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207485\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207487\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/41165/\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/95729\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/95731\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037668\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.apple.com/HT207482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207483\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/41165/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

FKIE_CVE-2017-2360

Vulnerability from fkie_nvd - Published: 2017-02-20 08:59 - Updated: 2025-04-20 01:37

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
product-security@apple.com	http://www.securityfocus.com/bid/95729	Third Party Advisory, VDB Entry
product-security@apple.com	http://www.securityfocus.com/bid/95731	Third Party Advisory, VDB Entry
product-security@apple.com	http://www.securitytracker.com/id/1037668	Third Party Advisory, VDB Entry
product-security@apple.com	https://support.apple.com/HT207482	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT207483	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT207485	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT207487	Vendor Advisory
product-security@apple.com	https://www.exploit-db.com/exploits/41165/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95729	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95731	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037668	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT207482	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT207483	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT207485	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT207487	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/41165/	Exploit, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
apple	iphone_os	*
apple	mac_os_x	*
apple	tvos	*
apple	watchos	*
webkitgtk	webkitgtk\+	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F9688ED-4532-49E5-80C8-C59D0017D3CB",
              "versionEndExcluding": "10.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0A5654-F7F3-44BB-8435-58CBA014E30F",
              "versionEndExcluding": "10.12.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B1972-710B-4BEC-A25D-D429929A5D80",
              "versionEndExcluding": "10.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9540262-A485-409C-862B-81F607E120B7",
              "versionEndExcluding": "3.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DA72FCA-BC36-46FE-89F4-087C01633348",
              "versionEndExcluding": "2.16.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 est\u00e1 afectado. macOS en versiones anteriores a 10.12.3 est\u00e1 afectado. tvOS en versiones anteriores a 10.1.1 est\u00e1 afectado. watchOS en versiones anteriores a 3.1.3 est\u00e1 afectado. El problema involucra al componente \"Kernel\". Esto permite a atacantes ejecutar c\u00f3digo arbitrario en un contexto privilegiado o provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n de memoria) a trav\u00e9s de una aplicaci\u00f3n manipulada."
    }
  ],
  "id": "CVE-2017-2360",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-02-20T08:59:04.980",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95729"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95731"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037668"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207482"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207483"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207485"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207487"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41165/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT207487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41165/"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2017-2360

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-2360

Aliases

CVE-2017-2360

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-2360",
    "description": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.",
    "id": "GSD-2017-2360",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2017-2360"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-2360"
      ],
      "details": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.",
      "id": "GSD-2017-2360",
      "modified": "2023-12-13T01:21:05.590860Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2017-2360",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "95729",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/95729"
          },
          {
            "name": "https://support.apple.com/HT207487",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT207487"
          },
          {
            "name": "https://support.apple.com/HT207483",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT207483"
          },
          {
            "name": "95731",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/95731"
          },
          {
            "name": "https://support.apple.com/HT207485",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT207485"
          },
          {
            "name": "41165",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/41165/"
          },
          {
            "name": "https://support.apple.com/HT207482",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT207482"
          },
          {
            "name": "1037668",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037668"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.2.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.12.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.1.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.16.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2017-2360"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/HT207487",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT207487"
            },
            {
              "name": "https://support.apple.com/HT207485",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT207485"
            },
            {
              "name": "https://support.apple.com/HT207483",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT207483"
            },
            {
              "name": "https://support.apple.com/HT207482",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT207482"
            },
            {
              "name": "95731",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/95731"
            },
            {
              "name": "95729",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/95729"
            },
            {
              "name": "1037668",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1037668"
            },
            {
              "name": "41165",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/41165/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-03-11T12:59Z",
      "publishedDate": "2017-02-20T08:59Z"
    }
  }
}

CNVD-2017-01092

Vulnerability from cnvd - Published: 2017-02-08

Title

Apple iOS/tvOS/watchOS任意代码执行漏洞

Description

Apple iOS, tvOS和watchOS都是美国苹果（Apple）公司的产品。Apple iOS是为移动设备所开发的一套操作系统；tvOS是一套智能电视操作系统；Apple watchOS是一套智能手表操作系统。 Apple iOS,tvOS和watchOS存在任意代码执行漏洞。攻击者可利用此漏洞使用内核权限执行任意代码，失败的攻击会导致拒绝服务。

Severity

高

Patch Name

Apple iOS/tvOS/watchOS任意代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.apple.com/

Reference

http://www.securityfocus.com/bid/95729

Impacted products

Name
['Apple iOS', 'Apple tvOS', 'Apple watchOS']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "95729"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2360",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2360"
    }
  },
  "description": "Apple iOS, tvOS\u548cwatchOS\u90fd\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Apple iOS\u662f\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u4e00\u5957\u64cd\u4f5c\u7cfb\u7edf\uff1btvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\uff1bApple watchOS\u662f\u4e00\u5957\u667a\u80fd\u624b\u8868\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple iOS,tvOS\u548cwatchOS\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f7f\u7528\u5185\u6838\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5931\u8d25\u7684\u653b\u51fb\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Ian Beer of Google Project Zero",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.apple.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-01092",
  "openTime": "2017-02-08",
  "patchDescription": "Apple iOS, tvOS\u548cwatchOS\u90fd\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Apple iOS\u662f\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u4e00\u5957\u64cd\u4f5c\u7cfb\u7edf\uff1btvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\uff1bApple watchOS\u662f\u4e00\u5957\u667a\u80fd\u624b\u8868\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple iOS,tvOS\u548cwatchOS\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f7f\u7528\u5185\u6838\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5931\u8d25\u7684\u653b\u51fb\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apple iOS/tvOS/watchOS\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apple  iOS",
      "Apple tvOS",
      "Apple watchOS"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/95729",
  "serverity": "\u9ad8",
  "submitTime": "2017-01-25",
  "title": "Apple iOS/tvOS/watchOS\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

GHSA-32QP-FH8C-XVWW

Vulnerability from github – Published: 2022-05-14 01:23 – Updated: 2025-04-20 03:33

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-2360"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-02-20T08:59:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.",
  "id": "GHSA-32qp-fh8c-xvww",
  "modified": "2025-04-20T03:33:14Z",
  "published": "2022-05-14T01:23:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2360"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT207482"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT207483"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT207485"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT207487"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/41165"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95729"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95731"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037668"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2017-AVI-028

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	tvOS versions antérieures à 10.1.1
Apple	N/A	iTunes pour Windows versions antérieures à 12.5.5
Apple	N/A	iCloud pour Windows versions antérieures à 6.1.1
Apple	macOS	macOS Sierra versions antérieures à 10.12.3
Apple	Safari	Safari versions antérieures à 10.0.3
Apple	N/A	iOS versions antérieures à 10.2.1
Apple	N/A	watchOS versions antérieures à 3.1.3

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT207485 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207482 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207483 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207481 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207487 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207484 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207486 du 23 janvier 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 10.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iTunes pour Windows versions ant\u00e9rieures \u00e0 12.5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 6.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sierra versions ant\u00e9rieures \u00e0 10.12.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 10.0.3",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 10.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 3.1.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-7615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7615"
    },
    {
      "name": "CVE-2016-7643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7643"
    },
    {
      "name": "CVE-2016-7589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7589"
    },
    {
      "name": "CVE-2017-2358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2358"
    },
    {
      "name": "CVE-2017-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2369"
    },
    {
      "name": "CVE-2016-9933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9933"
    },
    {
      "name": "CVE-2016-7591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7591"
    },
    {
      "name": "CVE-2016-7637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7637"
    },
    {
      "name": "CVE-2016-4688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4688"
    },
    {
      "name": "CVE-2017-2371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2371"
    },
    {
      "name": "CVE-2016-7616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7616"
    },
    {
      "name": "CVE-2016-7659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7659"
    },
    {
      "name": "CVE-2017-2353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2353"
    },
    {
      "name": "CVE-2016-7663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7663"
    },
    {
      "name": "CVE-2016-7626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7626"
    },
    {
      "name": "CVE-2017-2365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2365"
    },
    {
      "name": "CVE-2016-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7595"
    },
    {
      "name": "CVE-2016-7657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7657"
    },
    {
      "name": "CVE-2017-2357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2357"
    },
    {
      "name": "CVE-2017-2370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2370"
    },
    {
      "name": "CVE-2016-7588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7588"
    },
    {
      "name": "CVE-2016-7636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7636"
    },
    {
      "name": "CVE-2017-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2356"
    },
    {
      "name": "CVE-2017-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2352"
    },
    {
      "name": "CVE-2017-2360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2360"
    },
    {
      "name": "CVE-2017-2363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2363"
    },
    {
      "name": "CVE-2016-1248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1248"
    },
    {
      "name": "CVE-2016-7651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7651"
    },
    {
      "name": "CVE-2016-7621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7621"
    },
    {
      "name": "CVE-2016-7606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7606"
    },
    {
      "name": "CVE-2016-8687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8687"
    },
    {
      "name": "CVE-2017-2361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2361"
    },
    {
      "name": "CVE-2017-2366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2366"
    },
    {
      "name": "CVE-2017-2373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2373"
    },
    {
      "name": "CVE-2016-4691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4691"
    },
    {
      "name": "CVE-2017-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2351"
    },
    {
      "name": "CVE-2017-2362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2362"
    },
    {
      "name": "CVE-2016-4693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4693"
    },
    {
      "name": "CVE-2016-7658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7658"
    },
    {
      "name": "CVE-2016-7662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7662"
    },
    {
      "name": "CVE-2016-7660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7660"
    },
    {
      "name": "CVE-2016-7612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7612"
    },
    {
      "name": "CVE-2017-2350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2350"
    },
    {
      "name": "CVE-2016-7644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7644"
    },
    {
      "name": "CVE-2017-2364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2364"
    },
    {
      "name": "CVE-2016-7627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7627"
    },
    {
      "name": "CVE-2016-8670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8670"
    },
    {
      "name": "CVE-2016-7607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7607"
    },
    {
      "name": "CVE-2017-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2354"
    },
    {
      "name": "CVE-2016-7594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7594"
    },
    {
      "name": "CVE-2016-7619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7619"
    },
    {
      "name": "CVE-2016-9934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9934"
    },
    {
      "name": "CVE-2017-2368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2368"
    },
    {
      "name": "CVE-2017-2355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2355"
    },
    {
      "name": "CVE-2017-2359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2359"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-028",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-01-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207485 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207485"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207482 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207482"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207483 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207483"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207481 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207481"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207487 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207487"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207484 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207484"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207486 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207486"
    }
  ]
}

CERTFR-2017-AVI-028

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	tvOS versions antérieures à 10.1.1
Apple	N/A	iTunes pour Windows versions antérieures à 12.5.5
Apple	N/A	iCloud pour Windows versions antérieures à 6.1.1
Apple	macOS	macOS Sierra versions antérieures à 10.12.3
Apple	Safari	Safari versions antérieures à 10.0.3
Apple	N/A	iOS versions antérieures à 10.2.1
Apple	N/A	watchOS versions antérieures à 3.1.3

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT207485 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207482 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207483 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207481 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207487 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207484 du 23 janvier 2017	None	vendor-advisory
Bulletin de sécurité Apple HT207486 du 23 janvier 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 10.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iTunes pour Windows versions ant\u00e9rieures \u00e0 12.5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 6.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sierra versions ant\u00e9rieures \u00e0 10.12.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 10.0.3",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 10.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 3.1.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-7615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7615"
    },
    {
      "name": "CVE-2016-7643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7643"
    },
    {
      "name": "CVE-2016-7589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7589"
    },
    {
      "name": "CVE-2017-2358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2358"
    },
    {
      "name": "CVE-2017-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2369"
    },
    {
      "name": "CVE-2016-9933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9933"
    },
    {
      "name": "CVE-2016-7591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7591"
    },
    {
      "name": "CVE-2016-7637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7637"
    },
    {
      "name": "CVE-2016-4688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4688"
    },
    {
      "name": "CVE-2017-2371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2371"
    },
    {
      "name": "CVE-2016-7616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7616"
    },
    {
      "name": "CVE-2016-7659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7659"
    },
    {
      "name": "CVE-2017-2353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2353"
    },
    {
      "name": "CVE-2016-7663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7663"
    },
    {
      "name": "CVE-2016-7626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7626"
    },
    {
      "name": "CVE-2017-2365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2365"
    },
    {
      "name": "CVE-2016-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7595"
    },
    {
      "name": "CVE-2016-7657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7657"
    },
    {
      "name": "CVE-2017-2357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2357"
    },
    {
      "name": "CVE-2017-2370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2370"
    },
    {
      "name": "CVE-2016-7588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7588"
    },
    {
      "name": "CVE-2016-7636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7636"
    },
    {
      "name": "CVE-2017-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2356"
    },
    {
      "name": "CVE-2017-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2352"
    },
    {
      "name": "CVE-2017-2360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2360"
    },
    {
      "name": "CVE-2017-2363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2363"
    },
    {
      "name": "CVE-2016-1248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1248"
    },
    {
      "name": "CVE-2016-7651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7651"
    },
    {
      "name": "CVE-2016-7621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7621"
    },
    {
      "name": "CVE-2016-7606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7606"
    },
    {
      "name": "CVE-2016-8687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8687"
    },
    {
      "name": "CVE-2017-2361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2361"
    },
    {
      "name": "CVE-2017-2366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2366"
    },
    {
      "name": "CVE-2017-2373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2373"
    },
    {
      "name": "CVE-2016-4691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4691"
    },
    {
      "name": "CVE-2017-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2351"
    },
    {
      "name": "CVE-2017-2362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2362"
    },
    {
      "name": "CVE-2016-4693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4693"
    },
    {
      "name": "CVE-2016-7658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7658"
    },
    {
      "name": "CVE-2016-7662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7662"
    },
    {
      "name": "CVE-2016-7660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7660"
    },
    {
      "name": "CVE-2016-7612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7612"
    },
    {
      "name": "CVE-2017-2350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2350"
    },
    {
      "name": "CVE-2016-7644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7644"
    },
    {
      "name": "CVE-2017-2364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2364"
    },
    {
      "name": "CVE-2016-7627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7627"
    },
    {
      "name": "CVE-2016-8670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8670"
    },
    {
      "name": "CVE-2016-7607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7607"
    },
    {
      "name": "CVE-2017-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2354"
    },
    {
      "name": "CVE-2016-7594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7594"
    },
    {
      "name": "CVE-2016-7619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7619"
    },
    {
      "name": "CVE-2016-9934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9934"
    },
    {
      "name": "CVE-2017-2368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2368"
    },
    {
      "name": "CVE-2017-2355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2355"
    },
    {
      "name": "CVE-2017-2359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2359"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-028",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-01-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207485 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207485"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207482 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207482"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207483 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207483"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207481 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207481"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207487 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207487"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207484 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207484"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT207486 du 23 janvier 2017",
      "url": "https://support.apple.com/en-us/HT207486"
    }
  ]
}

VAR-201702-0874

Vulnerability from variot - Updated: 2023-12-18 11:05

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. Apple iOS is a set of operating systems developed for mobile devices; tvOS is a set of smart TV operating systems; Apple watchOS is a set of smart watch operating systems.

Apple iOS, tvOS and watchOS have arbitrary code execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Versions prior to iOS 10.2.1, watchOS 3.1.3 and tvOS 10.1.1 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

APPLE-SA-2017-01-23-1 iOS 10.2.1

iOS 10.2.1 is now available and addresses the following:

Auto Unlock Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Auto Unlock may unlock when Apple Watch is off the user's wrist Description: A logic issue was addressed through improved state management. CVE-2017-2352: Ashley Fernandez of raptAware Pty Ltd

Contacts Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing a maliciously crafted contact card may lead to unexpected application termination Description: An input validation issue existed in the parsing of contact cards. This issue was addressed through improved input validation. CVE-2017-2368: Vincent Desmurs (vincedes3)

Kernel Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-2370: Ian Beer of Google Project Zero

Kernel Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2017-2360: Ian Beer of Google Project Zero

libarchive Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2016-8687: Agostino Sarubbo of Gentoo

WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A prototype access issue was addressed through improved exception handling. CVE-2017-2350: Gareth Heyes of Portswigger Web Security

WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-2354: Neymar of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative CVE-2017-2362: Ivan Fratric of Google Project Zero CVE-2017-2373: Ivan Fratric of Google Project Zero

WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2017-2356: Team Pangu and lokihardt at PwnFest 2016 CVE-2017-2366: Kai Kang of Tencent's Xuanwu Lab (tencent.com) CVE-2017-2369: Ivan Fratric of Google Project Zero

WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: Multiple validation issues existed in the handling of page loading. This issue was addressed through improved logic. CVE-2017-2363: lokihardt of Google Project Zero CVE-2017-2364: lokihardt of Google Project Zero

WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A malicious website can open popups Description: An issue existed in the handling of blocking popups. This was addressed through improved input validation. CVE-2017-2371: lokihardt of Google Project Zero

WebKit Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A validation issue existed in variable handling. This issue was addressed through improved validation. CVE-2017-2365: lokihardt of Google Project Zero

WiFi Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An activation-locked device can be manipulated to briefly present the home screen Description: An issue existed with handling user input that caused a device to present the home screen even when activation locked. This was addressed through improved input validation. CVE-2017-2351: Sriram (@Sri_Hxor) of Primefort Pvt. Ltd., Hemanth Joseph

Additional recognition

WebKit hardening We would like to acknowledge Ben Gras, Kaveh Razavi, Erik Bosman, Herbert Bos, and Cristiano Giuffrida of the vusec group at Vrije Universiteit Amsterdam for their assistance.

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

Navigate to Settings
Select General
Select About. The version after applying this update will be "10.2.1".

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJYgqLhAAoJEIOj74w0bLRGLBMP/2hLYLM6/FsH/npzPbCouZ3a 7WrIax5GAURyvKmeSHYwbZCyDa+U8RoR83xnm25QxVA0SYiqxYQTLavKkdiwL5dL QJHtbltb3BWF0ctkcN4q9dvA13kapdn7zr1Zp3MyvnqlsIuo5acsl8DwgNapxklP 6NNgLFuUUPDITMRX+CZlndS3ldas9nWBHGUw7FfVQd7+SCj8+u6CBpVm03SPjC4E 9rObbrDg6Ur7RW8sYz5TvfQ+JfL8ZJQgjCNLE99AV5n+y1SzUaW5+WgklmJzwabm P6VFCFI3qMctmiHDFh5Ab9eFCspL1ppl8gCj2+eqxCdi9cVPdiOxGUJXkfzUvLCq d68lHHSasRjoVMacMz9ttpR7IAQpM4L9KYgJ/AbwvOFKn5MkxAJYpbU2DDnlg4UY ZyZ8CqmIfZoEgDFSx4+LcfNeMoB0f0eDClXzCZkLMqyc7ZhRWcDPO7UTXl2l5IN9 1BoOZJ4AB6unI9/JmTz9x1mkfOMatsz3Mlw2aoqfYqhBYH4IMruIoIx9L7VawxY9 IZM1fJhEc1PejgZ48X95suaGm3LHzSqXo9gIcJ42SEevqFaoD96I5S+D1eeBOIe7 yvyQ8APU6W3io9vlfQG7oW+mtHg0uPJY6yLj+79NpvAeVHrFHi1Am+A/4uuEZLjZ toC5axX5Dn1ZXgiVJb2H =6bnQ -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0874",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "apple",
        "version": "10.12.2"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "apple",
        "version": "2.2.2"
      },
      {
        "model": "tvos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.1.1"
      },
      {
        "model": "iphone os",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.2.1"
      },
      {
        "model": "watchos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "3.1.3"
      },
      {
        "model": "webkitgtk\\+",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "webkitgtk",
        "version": "2.16.3"
      },
      {
        "model": "mac os x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.12.3"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.2.1   (ipad first  4 after generation )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.2.1   (iphone 5 or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.2.1   (ipod touch first  6 after generation )"
      },
      {
        "model": "tvos",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.1.1   (apple tv first  4 generation )"
      },
      {
        "model": "watchos",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.1.3   (apple watch all models )"
      },
      {
        "model": "ios",
        "scope": null,
        "trust": 0.6,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "tvos",
        "scope": null,
        "trust": 0.6,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "watchos",
        "scope": null,
        "trust": 0.6,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "30"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.1.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.1.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.2.2"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.10"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "40"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.1.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "50"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.9"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.1.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.5"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.3.5"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.1.1"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "1.0"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.2"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "watchos",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.3.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.1.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.3"
      },
      {
        "model": "tvos",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "tvos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "9.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.2.0"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.1.0"
      },
      {
        "model": "watch os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "3.1.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.0.4"
      },
      {
        "model": "watch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.11"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7"
      },
      {
        "model": "directory pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cosmicperl",
        "version": "10.0.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.03"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.11.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.5"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.11.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.11.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.11.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.0.1"
      },
      {
        "model": "tv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.1.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.11.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.11.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.0.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.9.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.1"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.3.4"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.2.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.8.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.5"
      },
      {
        "model": "macos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.12.2"
      },
      {
        "model": "macos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.12.1"
      },
      {
        "model": "macos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.12"
      },
      {
        "model": "macos",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.12.3"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "db": "BID",
        "id": "95729"
      },
      {
        "db": "BID",
        "id": "95731"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.2.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.12.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.1.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.16.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ian Beer of Google Project Zero.",
    "sources": [
      {
        "db": "BID",
        "id": "95731"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2017-2360",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2017-2360",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-01092",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-110563",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-2360",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-2360",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-01092",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201702-274",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110563",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. Apple iOS is a set of operating systems developed for mobile devices; tvOS is a set of smart TV operating systems; Apple watchOS is a set of smart watch operating systems. \n\nApple iOS, tvOS and watchOS have arbitrary code execution vulnerabilities. Failed exploit attempts  will likely result in  denial-of-service conditions. \nVersions prior to iOS 10.2.1, watchOS 3.1.3 and tvOS 10.1.1 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-01-23-1 iOS 10.2.1\n\niOS 10.2.1 is now available and addresses the following:\n\nAuto Unlock\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Auto Unlock may unlock when Apple Watch is off the user\u0027s\nwrist\nDescription: A logic issue was addressed through improved state\nmanagement. \nCVE-2017-2352: Ashley Fernandez of raptAware Pty Ltd\n\nContacts\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Processing a maliciously crafted contact card may lead to\nunexpected application termination\nDescription: An input validation issue existed in the parsing of\ncontact cards. This issue was addressed through improved input\nvalidation. \nCVE-2017-2368: Vincent Desmurs (vincedes3)\n\nKernel\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow issue was addressed through improved\nmemory handling. \nCVE-2017-2370: Ian Beer of Google Project Zero\n\nKernel\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed through improved\nmemory management. \nCVE-2017-2360: Ian Beer of Google Project Zero\n\nlibarchive\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Unpacking a maliciously crafted archive may lead to arbitrary\ncode execution\nDescription: A buffer overflow issue was addressed through improved\nmemory handling. \nCVE-2016-8687: Agostino Sarubbo of Gentoo\n\nWebKit\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Processing maliciously crafted web content may exfiltrate\ndata cross-origin\nDescription: A prototype access issue was addressed through improved\nexception handling. \nCVE-2017-2350: Gareth Heyes of Portswigger Web Security\n\nWebKit\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed through\nimproved memory handling. \nCVE-2017-2354: Neymar of Tencent\u0027s Xuanwu Lab (tencent.com) working\nwith Trend Micro\u0027s Zero Day Initiative\nCVE-2017-2362: Ivan Fratric of Google Project Zero\nCVE-2017-2373: Ivan Fratric of Google Project Zero\n\nWebKit\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2017-2355: Team Pangu and lokihardt at PwnFest 2016\n\nWebKit\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed through\nimproved input validation. \nCVE-2017-2356: Team Pangu and lokihardt at PwnFest 2016\nCVE-2017-2366: Kai Kang of Tencent\u0027s Xuanwu Lab (tencent.com)\nCVE-2017-2369: Ivan Fratric of Google Project Zero\n\nWebKit\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Processing maliciously crafted web content may exfiltrate\ndata cross-origin\nDescription: Multiple validation issues existed in the handling of\npage loading. This issue was addressed through improved logic. \nCVE-2017-2363: lokihardt of Google Project Zero\nCVE-2017-2364: lokihardt of Google Project Zero\n\nWebKit\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: A malicious website can open popups\nDescription: An issue existed in the handling of blocking popups. \nThis was addressed through improved input validation. \nCVE-2017-2371: lokihardt of Google Project Zero\n\nWebKit\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: Processing maliciously crafted web content may exfiltrate\ndata cross-origin\nDescription: A validation issue existed in variable handling. This\nissue was addressed through improved validation. \nCVE-2017-2365: lokihardt of Google Project Zero\n\nWiFi\nAvailable for:  iPhone 5 and later, iPad 4th generation and later,\niPod touch 6th generation and later\nImpact: An activation-locked device can be manipulated to briefly\npresent the home screen\nDescription: An issue existed with handling user input that caused a\ndevice to present the home screen even when activation locked. This\nwas addressed through improved input validation. \nCVE-2017-2351: Sriram (@Sri_Hxor) of Primefort Pvt. Ltd., Hemanth\nJoseph\n\nAdditional recognition\n\nWebKit hardening\nWe would like to acknowledge Ben Gras, Kaveh Razavi, Erik Bosman,\nHerbert Bos, and Cristiano Giuffrida of the vusec group at\nVrije Universiteit Amsterdam for their assistance. \n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"10.2.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJYgqLhAAoJEIOj74w0bLRGLBMP/2hLYLM6/FsH/npzPbCouZ3a\n7WrIax5GAURyvKmeSHYwbZCyDa+U8RoR83xnm25QxVA0SYiqxYQTLavKkdiwL5dL\nQJHtbltb3BWF0ctkcN4q9dvA13kapdn7zr1Zp3MyvnqlsIuo5acsl8DwgNapxklP\n6NNgLFuUUPDITMRX+CZlndS3ldas9nWBHGUw7FfVQd7+SCj8+u6CBpVm03SPjC4E\n9rObbrDg6Ur7RW8sYz5TvfQ+JfL8ZJQgjCNLE99AV5n+y1SzUaW5+WgklmJzwabm\nP6VFCFI3qMctmiHDFh5Ab9eFCspL1ppl8gCj2+eqxCdi9cVPdiOxGUJXkfzUvLCq\nd68lHHSasRjoVMacMz9ttpR7IAQpM4L9KYgJ/AbwvOFKn5MkxAJYpbU2DDnlg4UY\nZyZ8CqmIfZoEgDFSx4+LcfNeMoB0f0eDClXzCZkLMqyc7ZhRWcDPO7UTXl2l5IN9\n1BoOZJ4AB6unI9/JmTz9x1mkfOMatsz3Mlw2aoqfYqhBYH4IMruIoIx9L7VawxY9\nIZM1fJhEc1PejgZ48X95suaGm3LHzSqXo9gIcJ42SEevqFaoD96I5S+D1eeBOIe7\nyvyQ8APU6W3io9vlfQG7oW+mtHg0uPJY6yLj+79NpvAeVHrFHi1Am+A/4uuEZLjZ\ntoC5axX5Dn1ZXgiVJb2H\n=6bnQ\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "db": "BID",
        "id": "95729"
      },
      {
        "db": "BID",
        "id": "95731"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "db": "PACKETSTORM",
        "id": "140689"
      },
      {
        "db": "PACKETSTORM",
        "id": "140687"
      },
      {
        "db": "PACKETSTORM",
        "id": "140686"
      }
    ],
    "trust": 3.06
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-110563",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2360",
        "trust": 4.0
      },
      {
        "db": "BID",
        "id": "95729",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "95731",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1037668",
        "trust": 1.7
      },
      {
        "db": "EXPLOIT-DB",
        "id": "41165",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU97915630",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "140744",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-110563",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "140689",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "140687",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "140686",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "db": "BID",
        "id": "95729"
      },
      {
        "db": "BID",
        "id": "95731"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "PACKETSTORM",
        "id": "140689"
      },
      {
        "db": "PACKETSTORM",
        "id": "140687"
      },
      {
        "db": "PACKETSTORM",
        "id": "140686"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "id": "VAR-201702-0874",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:05:01.057000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Apple security updates",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht201222"
      },
      {
        "title": "APPLE-SA-2017-01-23-4 tvOS 10.1.1",
        "trust": 0.8,
        "url": "https://lists.apple.com/archives/security-announce/2017/jan/msg00005.html"
      },
      {
        "title": "APPLE-SA-2017-01-23-3 watchOS 3.1.3",
        "trust": 0.8,
        "url": "https://lists.apple.com/archives/security-announce/2017/jan/msg00004.html"
      },
      {
        "title": "APPLE-SA-2017-01-23-1 iOS 10.2.1",
        "trust": 0.8,
        "url": "https://lists.apple.com/archives/security-announce/2017/jan/msg00002.html"
      },
      {
        "title": "APPLE-SA-2017-01-23-2 macOS 10.12.3",
        "trust": 0.8,
        "url": "https://lists.apple.com/archives/security-announce/2017/jan/msg00003.html"
      },
      {
        "title": "HT207485",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht207485"
      },
      {
        "title": "HT207487",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht207487"
      },
      {
        "title": "HT207482",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht207482"
      },
      {
        "title": "HT207483",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht207483"
      },
      {
        "title": "HT207482",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht207482"
      },
      {
        "title": "HT207483",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht207483"
      },
      {
        "title": "HT207485",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht207485"
      },
      {
        "title": "HT207487",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht207487"
      },
      {
        "title": "Patch for Apple iOS / tvOS / watchOS arbitrary code execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/88792"
      },
      {
        "title": "Multiple Apple product Kernel Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67559"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/95729"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/95731"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/ht207482"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/ht207483"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/ht207485"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/ht207487"
      },
      {
        "trust": 1.7,
        "url": "https://www.exploit-db.com/exploits/41165/"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1037668"
      },
      {
        "trust": 1.2,
        "url": "https://www.apple.com/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2360"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu97915630/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-2360"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/ios/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/accessibility/tvos/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/watchos-2/"
      },
      {
        "trust": 0.3,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8687"
      },
      {
        "trust": 0.3,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.3,
        "url": "https://gpgtools.org"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2360"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2370"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2362"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2363"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2354"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2350"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2365"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2356"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2369"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2373"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2355"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2371"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9933"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2361"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2358"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2353"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9934"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8670"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2357"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1248"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/itunes/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2352"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2366"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2351"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2368"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "db": "BID",
        "id": "95729"
      },
      {
        "db": "BID",
        "id": "95731"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "PACKETSTORM",
        "id": "140689"
      },
      {
        "db": "PACKETSTORM",
        "id": "140687"
      },
      {
        "db": "PACKETSTORM",
        "id": "140686"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "db": "BID",
        "id": "95729"
      },
      {
        "db": "BID",
        "id": "95731"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "db": "PACKETSTORM",
        "id": "140689"
      },
      {
        "db": "PACKETSTORM",
        "id": "140687"
      },
      {
        "db": "PACKETSTORM",
        "id": "140686"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "date": "2017-02-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "date": "2017-01-23T00:00:00",
        "db": "BID",
        "id": "95729"
      },
      {
        "date": "2017-01-23T00:00:00",
        "db": "BID",
        "id": "95731"
      },
      {
        "date": "2017-02-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "date": "2017-01-24T01:01:17",
        "db": "PACKETSTORM",
        "id": "140689"
      },
      {
        "date": "2017-01-24T00:57:11",
        "db": "PACKETSTORM",
        "id": "140687"
      },
      {
        "date": "2017-01-24T00:51:25",
        "db": "PACKETSTORM",
        "id": "140686"
      },
      {
        "date": "2017-02-20T08:59:04.980000",
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "date": "2017-01-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01092"
      },
      {
        "date": "2019-03-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110563"
      },
      {
        "date": "2017-02-02T04:01:00",
        "db": "BID",
        "id": "95729"
      },
      {
        "date": "2019-04-15T17:00:00",
        "db": "BID",
        "id": "95731"
      },
      {
        "date": "2017-02-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      },
      {
        "date": "2019-03-11T12:59:18.853000",
        "db": "NVD",
        "id": "CVE-2017-2360"
      },
      {
        "date": "2019-04-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "95729"
      },
      {
        "db": "BID",
        "id": "95731"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Apple Vulnerability in the kernel component of a product that allows arbitrary code execution in privileged contexts",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-001551"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-274"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-2360 (GCVE-0-2017-2360)

FKIE_CVE-2017-2360

GSD-2017-2360

CNVD-2017-01092

GHSA-32QP-FH8C-XVWW

CERTFR-2017-AVI-028

Solution

CERTFR-2017-AVI-028

Solution

VAR-201702-0874

Tags

Sightings

Nomenclature