Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-6983 (GCVE-0-2017-6983)
Vulnerability from cvelistv5 – Published: 2017-05-22 04:54 – Updated: 2024-08-05 15:49
VLAI?
EPSS
Summary
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:49:02.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038484",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038484"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT207797"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT207798"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-08T19:57:01",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "1038484",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038484"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT207797"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT207798"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-6983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038484",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038484"
},
{
"name": "https://support.apple.com/HT207797",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207797"
},
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "https://support.apple.com/HT207798",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207798"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2017-6983",
"datePublished": "2017-05-22T04:54:00",
"dateReserved": "2017-03-17T00:00:00",
"dateUpdated": "2024-08-05T15:49:02.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.3.1\", \"matchCriteriaId\": \"7C1766D9-DF3D-4EDC-9DDB-7762815B85C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.12.4\", \"matchCriteriaId\": \"7D3C1AE1-D2BB-4964-8B15-E6573216DB2A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \\\"SQLite\\\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.\"}, {\"lang\": \"es\", \"value\": \"Se descubri\\u00f3 un problema en ciertos productos de Apple. iOS anterior a versi\\u00f3n 10.3.2 est\\u00e1 afectado. macOS anterior a versi\\u00f3n 10.12.5 est\\u00e1 afectado. El problema involucra el componente \\\"SQLite\\\". Permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario o causar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria y bloqueo de aplicaci\\u00f3n) por medio de un sitio web dise\\u00f1ado.\"}]",
"id": "CVE-2017-6983",
"lastModified": "2024-11-21T03:30:55.110",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2017-05-22T05:29:02.863",
"references": "[{\"url\": \"http://www.securitytracker.com/id/1038484\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://source.android.com/security/bulletin/2017-09-01\", \"source\": \"product-security@apple.com\"}, {\"url\": \"https://support.apple.com/HT207797\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207798\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1038484\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://source.android.com/security/bulletin/2017-09-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT207797\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT207798\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-6983\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2017-05-22T05:29:02.863\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \\\"SQLite\\\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en ciertos productos de Apple. iOS anterior a versi\u00f3n 10.3.2 est\u00e1 afectado. macOS anterior a versi\u00f3n 10.12.5 est\u00e1 afectado. El problema involucra el componente \\\"SQLite\\\". Permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de aplicaci\u00f3n) por medio de un sitio web dise\u00f1ado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.3.1\",\"matchCriteriaId\":\"7C1766D9-DF3D-4EDC-9DDB-7762815B85C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.12.4\",\"matchCriteriaId\":\"7D3C1AE1-D2BB-4964-8B15-E6573216DB2A\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1038484\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://source.android.com/security/bulletin/2017-09-01\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/HT207797\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207798\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1038484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://source.android.com/security/bulletin/2017-09-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT207797\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT207798\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
VAR-201705-3987
Vulnerability from variot - Updated: 2023-12-18 11:02An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of WebSQL. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS and macOS are prone to multiple security vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Apple iOS is an operating system developed for mobile devices; macOS Sierra is a dedicated operating system developed for Mac computers. SQLite is one of the C-language-based open source embedded relational database management components developed by American software developer D.Richard Hipp
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-3987",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "eq",
"trust": 1.4,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.3.2 (ipad first 4 generation or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.3.2 (iphone 5 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.3.2 (ipod touch first 6 generation )"
},
{
"model": "safari",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.3"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.2"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.1"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "50"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "40"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "30"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "macos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.5"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"db": "BID",
"id": "98472"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.12.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6983"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chaitin Security Research Lab",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-366"
}
],
"trust": 0.7
},
"cve": "CVE-2017-6983",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-6983",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-115186",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-6983",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6983",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2017-6983",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-968",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-115186",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-6983",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"db": "VULHUB",
"id": "VHN-115186"
},
{
"db": "VULMON",
"id": "CVE-2017-6983"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of WebSQL. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS and macOS are prone to multiple security vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Apple iOS is an operating system developed for mobile devices; macOS Sierra is a dedicated operating system developed for Mac computers. SQLite is one of the C-language-based open source embedded relational database management components developed by American software developer D.Richard Hipp",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"db": "BID",
"id": "98472"
},
{
"db": "VULHUB",
"id": "VHN-115186"
},
{
"db": "VULMON",
"id": "CVE-2017-6983"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6983",
"trust": 3.6
},
{
"db": "SECTRACK",
"id": "1038484",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU98089541",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4591",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-366",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201705-968",
"trust": 0.7
},
{
"db": "BID",
"id": "98472",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-115186",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-6983",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"db": "VULHUB",
"id": "VHN-115186"
},
{
"db": "VULMON",
"id": "CVE-2017-6983"
},
{
"db": "BID",
"id": "98472"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"id": "VAR-201705-3987",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-115186"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:02:50.035000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT207798",
"trust": 1.5,
"url": "https://support.apple.com/en-us/ht207798"
},
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht201222"
},
{
"title": "HT207797",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht207797"
},
{
"title": "HT207797",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht207797"
},
{
"title": "HT207798",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht207798"
},
{
"title": "Apple iOS and macOS Sierra SQLite Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70444"
},
{
"title": "Apple: macOS Sierra 10.12.5, Security Update 2017-002 El Capitan, and Security Update 2017-002 Yosemite",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=a85d2562c7bfeef27c008c1b42b57ce3"
},
{
"title": "Apple: iOS 10.3.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=02bdc4f27af21fbb8c501e6519ce979a"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014September 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=45d9f825c1db6d21aee6f02c00c607a0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"db": "VULMON",
"id": "CVE-2017-6983"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115186"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "NVD",
"id": "CVE-2017-6983"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.apple.com/ht207797"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht207798"
},
{
"trust": 1.2,
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1038484"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6983"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98089541/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6983"
},
{
"trust": 0.7,
"url": "https://support.apple.com/en-us/ht207798"
},
{
"trust": 0.3,
"url": "https://www.apple.com/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/98472"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht207797"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=53836"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"db": "VULHUB",
"id": "VHN-115186"
},
{
"db": "VULMON",
"id": "CVE-2017-6983"
},
{
"db": "BID",
"id": "98472"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"db": "VULHUB",
"id": "VHN-115186"
},
{
"db": "VULMON",
"id": "CVE-2017-6983"
},
{
"db": "BID",
"id": "98472"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-30T00:00:00",
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"date": "2017-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-115186"
},
{
"date": "2017-05-22T00:00:00",
"db": "VULMON",
"id": "CVE-2017-6983"
},
{
"date": "2017-05-15T00:00:00",
"db": "BID",
"id": "98472"
},
{
"date": "2017-06-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"date": "2017-05-22T05:29:02.863000",
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"date": "2017-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-30T00:00:00",
"db": "ZDI",
"id": "ZDI-17-366"
},
{
"date": "2017-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-115186"
},
{
"date": "2017-09-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-6983"
},
{
"date": "2017-05-15T00:00:00",
"db": "BID",
"id": "98472"
},
{
"date": "2017-06-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003808"
},
{
"date": "2017-09-09T01:29:03.423000",
"db": "NVD",
"id": "CVE-2017-6983"
},
{
"date": "2017-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple iOS and OS X of SQLite Service disruption in components (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003808"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-968"
}
],
"trust": 0.6
}
}
FKIE_CVE-2017-6983
Vulnerability from fkie_nvd - Published: 2017-05-22 05:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1766D9-DF3D-4EDC-9DDB-7762815B85C6",
"versionEndIncluding": "10.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3C1AE1-D2BB-4964-8B15-E6573216DB2A",
"versionEndIncluding": "10.12.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en ciertos productos de Apple. iOS anterior a versi\u00f3n 10.3.2 est\u00e1 afectado. macOS anterior a versi\u00f3n 10.12.5 est\u00e1 afectado. El problema involucra el componente \"SQLite\". Permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de aplicaci\u00f3n) por medio de un sitio web dise\u00f1ado."
}
],
"id": "CVE-2017-6983",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-22T05:29:02.863",
"references": [
{
"source": "product-security@apple.com",
"url": "http://www.securitytracker.com/id/1038484"
},
{
"source": "product-security@apple.com",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT207797"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT207798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT207797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT207798"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2017-AVI-283
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 5 septembre 2017
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 5 septembre 2017\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0795"
},
{
"name": "CVE-2017-9150",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9150"
},
{
"name": "CVE-2017-0771",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0771"
},
{
"name": "CVE-2017-11041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11041"
},
{
"name": "CVE-2017-10998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10998"
},
{
"name": "CVE-2017-6983",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6983"
},
{
"name": "CVE-2017-0756",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0756"
},
{
"name": "CVE-2017-0773",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0773"
},
{
"name": "CVE-2017-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0796"
},
{
"name": "CVE-2017-10996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10996"
},
{
"name": "CVE-2017-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0798"
},
{
"name": "CVE-2017-9676",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9676"
},
{
"name": "CVE-2017-0768",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0768"
},
{
"name": "CVE-2017-8250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8250"
},
{
"name": "CVE-2017-0774",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0774"
},
{
"name": "CVE-2017-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0800"
},
{
"name": "CVE-2017-6346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
},
{
"name": "CVE-2017-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0760"
},
{
"name": "CVE-2017-7065",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7065"
},
{
"name": "CVE-2017-0752",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0752"
},
{
"name": "CVE-2017-0758",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0758"
},
{
"name": "CVE-2017-8247",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8247"
},
{
"name": "CVE-2017-0780",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0780"
},
{
"name": "CVE-2017-0789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0789"
},
{
"name": "CVE-2017-0759",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0759"
},
{
"name": "CVE-2017-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0777"
},
{
"name": "CVE-2017-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0755"
},
{
"name": "CVE-2017-11001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11001"
},
{
"name": "CVE-2017-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0804"
},
{
"name": "CVE-2017-10999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10999"
},
{
"name": "CVE-2017-10997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10997"
},
{
"name": "CVE-2017-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0801"
},
{
"name": "CVE-2017-0784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0784"
},
{
"name": "CVE-2017-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9076"
},
{
"name": "CVE-2017-0766",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0766"
},
{
"name": "CVE-2017-7495",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7495"
},
{
"name": "CVE-2017-8280",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8280"
},
{
"name": "CVE-2017-12146",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12146"
},
{
"name": "CVE-2017-0776",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0776"
},
{
"name": "CVE-2017-8251",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8251"
},
{
"name": "CVE-2017-6214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6214"
},
{
"name": "CVE-2017-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0803"
},
{
"name": "CVE-2017-7616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7616"
},
{
"name": "CVE-2017-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0802"
},
{
"name": "CVE-2017-0761",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0761"
},
{
"name": "CVE-2017-0779",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0779"
},
{
"name": "CVE-2017-0788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0788"
},
{
"name": "CVE-2017-0793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0793"
},
{
"name": "CVE-2017-7487",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7487"
},
{
"name": "CVE-2017-0792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0792"
},
{
"name": "CVE-2017-0764",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0764"
},
{
"name": "CVE-2017-0772",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0772"
},
{
"name": "CVE-2017-11000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11000"
},
{
"name": "CVE-2017-0753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0753"
},
{
"name": "CVE-2017-0786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0786"
},
{
"name": "CVE-2017-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0787"
},
{
"name": "CVE-2017-9720",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9720"
},
{
"name": "CVE-2017-0769",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0769"
},
{
"name": "CVE-2017-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0799"
},
{
"name": "CVE-2017-0794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0794"
},
{
"name": "CVE-2017-9724",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9724"
},
{
"name": "CVE-2017-5897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5897"
},
{
"name": "CVE-2017-9677",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9677"
},
{
"name": "CVE-2017-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0778"
},
{
"name": "CVE-2017-11002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11002"
},
{
"name": "CVE-2017-0790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0790"
},
{
"name": "CVE-2017-8281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8281"
},
{
"name": "CVE-2017-0757",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0757"
},
{
"name": "CVE-2017-11040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11040"
},
{
"name": "CVE-2017-8890",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8890"
},
{
"name": "CVE-2017-0763",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0763"
},
{
"name": "CVE-2017-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8277"
},
{
"name": "CVE-2017-0765",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0765"
},
{
"name": "CVE-2017-8278",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8278"
},
{
"name": "CVE-2017-9725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9725"
},
{
"name": "CVE-2017-0791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0791"
},
{
"name": "CVE-2017-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0797"
},
{
"name": "CVE-2017-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0767"
},
{
"name": "CVE-2017-0775",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0775"
},
{
"name": "CVE-2017-0770",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0770"
},
{
"name": "CVE-2017-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0762"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-283",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-09-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 05 septembre 2017",
"url": "https://source.android.com/security/bulletin/2017-09-01"
}
]
}
CERTFR-2017-AVI-155
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iCloud pour Windows versions antérieures à 6.2.1 | ||
| Apple | N/A | tvOS versions antérieures à 10.2.1 | ||
| Apple | N/A | watchOS versions antérieures à 3.2.2 | ||
| Apple | N/A | El Capitan sans le correctif de sécurité 2017-002 | ||
| Apple | N/A | iOS versions antérieures à 10.3.2 | ||
| Apple | N/A | Yosemite sans le correctif de sécurité 2017-002 | ||
| Apple | Safari | Safari versions antérieures à 10.1.1 | ||
| Apple | N/A | iTunes versions antérieures à 12.6.1 sur Windows | ||
| Apple | macOS | macOS Sierra versions antérieures à 10.12.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 6.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 3.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "El Capitan sans le correctif de s\u00e9curit\u00e9 2017-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Yosemite sans le correctif de s\u00e9curit\u00e9 2017-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 10.1.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.6.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions ant\u00e9rieures \u00e0 10.12.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2541"
},
{
"name": "CVE-2017-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2494"
},
{
"name": "CVE-2017-2545",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2545"
},
{
"name": "CVE-2017-2540",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2540"
},
{
"name": "CVE-2017-6989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6989"
},
{
"name": "CVE-2017-6983",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6983"
},
{
"name": "CVE-2017-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2520"
},
{
"name": "CVE-2017-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2518"
},
{
"name": "CVE-2017-2514",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2514"
},
{
"name": "CVE-2017-2528",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2528"
},
{
"name": "CVE-2017-2508",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2508"
},
{
"name": "CVE-2017-2524",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2524"
},
{
"name": "CVE-2017-2496",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2496"
},
{
"name": "CVE-2017-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2535"
},
{
"name": "CVE-2017-6979",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6979"
},
{
"name": "CVE-2017-2548",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2548"
},
{
"name": "CVE-2017-2527",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2527"
},
{
"name": "CVE-2017-2544",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2544"
},
{
"name": "CVE-2017-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2511"
},
{
"name": "CVE-2017-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2519"
},
{
"name": "CVE-2017-6988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6988"
},
{
"name": "CVE-2017-2516",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2516"
},
{
"name": "CVE-2017-2507",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2507"
},
{
"name": "CVE-2017-2499",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2499"
},
{
"name": "CVE-2017-2510",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2510"
},
{
"name": "CVE-2017-6990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6990"
},
{
"name": "CVE-2017-2531",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2531"
},
{
"name": "CVE-2017-2534",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2534"
},
{
"name": "CVE-2017-2525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2525"
},
{
"name": "CVE-2017-6986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6986"
},
{
"name": "CVE-2017-2547",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2547"
},
{
"name": "CVE-2017-2538",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2538"
},
{
"name": "CVE-2017-6978",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6978"
},
{
"name": "CVE-2017-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2530"
},
{
"name": "CVE-2017-6991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6991"
},
{
"name": "CVE-2017-6985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6985"
},
{
"name": "CVE-2017-2526",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2526"
},
{
"name": "CVE-2017-6984",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6984"
},
{
"name": "CVE-2017-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2533"
},
{
"name": "CVE-2017-2543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2543"
},
{
"name": "CVE-2017-2504",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2504"
},
{
"name": "CVE-2017-6980",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6980"
},
{
"name": "CVE-2017-2515",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2515"
},
{
"name": "CVE-2017-2542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2542"
},
{
"name": "CVE-2017-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2495"
},
{
"name": "CVE-2017-2549",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2549"
},
{
"name": "CVE-2017-2503",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2503"
},
{
"name": "CVE-2017-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2502"
},
{
"name": "CVE-2017-6982",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6982"
},
{
"name": "CVE-2017-2506",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2506"
},
{
"name": "CVE-2017-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2536"
},
{
"name": "CVE-2017-6977",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6977"
},
{
"name": "CVE-2017-2500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2500"
},
{
"name": "CVE-2017-6981",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6981"
},
{
"name": "CVE-2017-6987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6987"
},
{
"name": "CVE-2017-2546",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2546"
},
{
"name": "CVE-2017-2512",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2512"
},
{
"name": "CVE-2017-2501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2501"
},
{
"name": "CVE-2017-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2513"
},
{
"name": "CVE-2017-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2539"
},
{
"name": "CVE-2017-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2509"
},
{
"name": "CVE-2017-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2521"
},
{
"name": "CVE-2017-2505",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2505"
},
{
"name": "CVE-2017-2498",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2498"
},
{
"name": "CVE-2017-2497",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2497"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-155",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-05-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207801 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207801"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207800 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207800"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207805 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207805"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207798 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207798"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207804 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207804"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207797 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207797"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207803 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207803"
}
]
}
CERTFR-2017-AVI-155
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iCloud pour Windows versions antérieures à 6.2.1 | ||
| Apple | N/A | tvOS versions antérieures à 10.2.1 | ||
| Apple | N/A | watchOS versions antérieures à 3.2.2 | ||
| Apple | N/A | El Capitan sans le correctif de sécurité 2017-002 | ||
| Apple | N/A | iOS versions antérieures à 10.3.2 | ||
| Apple | N/A | Yosemite sans le correctif de sécurité 2017-002 | ||
| Apple | Safari | Safari versions antérieures à 10.1.1 | ||
| Apple | N/A | iTunes versions antérieures à 12.6.1 sur Windows | ||
| Apple | macOS | macOS Sierra versions antérieures à 10.12.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 6.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 3.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "El Capitan sans le correctif de s\u00e9curit\u00e9 2017-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Yosemite sans le correctif de s\u00e9curit\u00e9 2017-002",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 10.1.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.6.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions ant\u00e9rieures \u00e0 10.12.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2541"
},
{
"name": "CVE-2017-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2494"
},
{
"name": "CVE-2017-2545",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2545"
},
{
"name": "CVE-2017-2540",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2540"
},
{
"name": "CVE-2017-6989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6989"
},
{
"name": "CVE-2017-6983",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6983"
},
{
"name": "CVE-2017-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2520"
},
{
"name": "CVE-2017-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2518"
},
{
"name": "CVE-2017-2514",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2514"
},
{
"name": "CVE-2017-2528",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2528"
},
{
"name": "CVE-2017-2508",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2508"
},
{
"name": "CVE-2017-2524",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2524"
},
{
"name": "CVE-2017-2496",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2496"
},
{
"name": "CVE-2017-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2535"
},
{
"name": "CVE-2017-6979",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6979"
},
{
"name": "CVE-2017-2548",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2548"
},
{
"name": "CVE-2017-2527",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2527"
},
{
"name": "CVE-2017-2544",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2544"
},
{
"name": "CVE-2017-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2511"
},
{
"name": "CVE-2017-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2519"
},
{
"name": "CVE-2017-6988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6988"
},
{
"name": "CVE-2017-2516",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2516"
},
{
"name": "CVE-2017-2507",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2507"
},
{
"name": "CVE-2017-2499",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2499"
},
{
"name": "CVE-2017-2510",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2510"
},
{
"name": "CVE-2017-6990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6990"
},
{
"name": "CVE-2017-2531",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2531"
},
{
"name": "CVE-2017-2534",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2534"
},
{
"name": "CVE-2017-2525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2525"
},
{
"name": "CVE-2017-6986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6986"
},
{
"name": "CVE-2017-2547",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2547"
},
{
"name": "CVE-2017-2538",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2538"
},
{
"name": "CVE-2017-6978",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6978"
},
{
"name": "CVE-2017-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2530"
},
{
"name": "CVE-2017-6991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6991"
},
{
"name": "CVE-2017-6985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6985"
},
{
"name": "CVE-2017-2526",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2526"
},
{
"name": "CVE-2017-6984",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6984"
},
{
"name": "CVE-2017-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2533"
},
{
"name": "CVE-2017-2543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2543"
},
{
"name": "CVE-2017-2504",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2504"
},
{
"name": "CVE-2017-6980",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6980"
},
{
"name": "CVE-2017-2515",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2515"
},
{
"name": "CVE-2017-2542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2542"
},
{
"name": "CVE-2017-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2495"
},
{
"name": "CVE-2017-2549",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2549"
},
{
"name": "CVE-2017-2503",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2503"
},
{
"name": "CVE-2017-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2502"
},
{
"name": "CVE-2017-6982",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6982"
},
{
"name": "CVE-2017-2506",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2506"
},
{
"name": "CVE-2017-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2536"
},
{
"name": "CVE-2017-6977",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6977"
},
{
"name": "CVE-2017-2500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2500"
},
{
"name": "CVE-2017-6981",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6981"
},
{
"name": "CVE-2017-6987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6987"
},
{
"name": "CVE-2017-2546",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2546"
},
{
"name": "CVE-2017-2512",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2512"
},
{
"name": "CVE-2017-2501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2501"
},
{
"name": "CVE-2017-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2513"
},
{
"name": "CVE-2017-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2539"
},
{
"name": "CVE-2017-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2509"
},
{
"name": "CVE-2017-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2521"
},
{
"name": "CVE-2017-2505",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2505"
},
{
"name": "CVE-2017-2498",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2498"
},
{
"name": "CVE-2017-2497",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2497"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-155",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-05-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207801 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207801"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207800 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207800"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207805 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207805"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207798 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207798"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207804 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207804"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207797 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207797"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207803 du 15 mai 2017",
"url": "https://support.apple.com/en-us/HT207803"
}
]
}
CERTFR-2017-AVI-283
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 5 septembre 2017
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 5 septembre 2017\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0795"
},
{
"name": "CVE-2017-9150",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9150"
},
{
"name": "CVE-2017-0771",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0771"
},
{
"name": "CVE-2017-11041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11041"
},
{
"name": "CVE-2017-10998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10998"
},
{
"name": "CVE-2017-6983",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6983"
},
{
"name": "CVE-2017-0756",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0756"
},
{
"name": "CVE-2017-0773",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0773"
},
{
"name": "CVE-2017-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0796"
},
{
"name": "CVE-2017-10996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10996"
},
{
"name": "CVE-2017-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0798"
},
{
"name": "CVE-2017-9676",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9676"
},
{
"name": "CVE-2017-0768",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0768"
},
{
"name": "CVE-2017-8250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8250"
},
{
"name": "CVE-2017-0774",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0774"
},
{
"name": "CVE-2017-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0800"
},
{
"name": "CVE-2017-6346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
},
{
"name": "CVE-2017-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0760"
},
{
"name": "CVE-2017-7065",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7065"
},
{
"name": "CVE-2017-0752",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0752"
},
{
"name": "CVE-2017-0758",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0758"
},
{
"name": "CVE-2017-8247",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8247"
},
{
"name": "CVE-2017-0780",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0780"
},
{
"name": "CVE-2017-0789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0789"
},
{
"name": "CVE-2017-0759",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0759"
},
{
"name": "CVE-2017-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0777"
},
{
"name": "CVE-2017-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0755"
},
{
"name": "CVE-2017-11001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11001"
},
{
"name": "CVE-2017-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0804"
},
{
"name": "CVE-2017-10999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10999"
},
{
"name": "CVE-2017-10997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10997"
},
{
"name": "CVE-2017-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0801"
},
{
"name": "CVE-2017-0784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0784"
},
{
"name": "CVE-2017-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9076"
},
{
"name": "CVE-2017-0766",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0766"
},
{
"name": "CVE-2017-7495",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7495"
},
{
"name": "CVE-2017-8280",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8280"
},
{
"name": "CVE-2017-12146",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12146"
},
{
"name": "CVE-2017-0776",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0776"
},
{
"name": "CVE-2017-8251",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8251"
},
{
"name": "CVE-2017-6214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6214"
},
{
"name": "CVE-2017-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0803"
},
{
"name": "CVE-2017-7616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7616"
},
{
"name": "CVE-2017-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0802"
},
{
"name": "CVE-2017-0761",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0761"
},
{
"name": "CVE-2017-0779",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0779"
},
{
"name": "CVE-2017-0788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0788"
},
{
"name": "CVE-2017-0793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0793"
},
{
"name": "CVE-2017-7487",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7487"
},
{
"name": "CVE-2017-0792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0792"
},
{
"name": "CVE-2017-0764",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0764"
},
{
"name": "CVE-2017-0772",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0772"
},
{
"name": "CVE-2017-11000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11000"
},
{
"name": "CVE-2017-0753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0753"
},
{
"name": "CVE-2017-0786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0786"
},
{
"name": "CVE-2017-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0787"
},
{
"name": "CVE-2017-9720",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9720"
},
{
"name": "CVE-2017-0769",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0769"
},
{
"name": "CVE-2017-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0799"
},
{
"name": "CVE-2017-0794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0794"
},
{
"name": "CVE-2017-9724",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9724"
},
{
"name": "CVE-2017-5897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5897"
},
{
"name": "CVE-2017-9677",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9677"
},
{
"name": "CVE-2017-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0778"
},
{
"name": "CVE-2017-11002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11002"
},
{
"name": "CVE-2017-0790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0790"
},
{
"name": "CVE-2017-8281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8281"
},
{
"name": "CVE-2017-0757",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0757"
},
{
"name": "CVE-2017-11040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11040"
},
{
"name": "CVE-2017-8890",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8890"
},
{
"name": "CVE-2017-0763",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0763"
},
{
"name": "CVE-2017-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8277"
},
{
"name": "CVE-2017-0765",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0765"
},
{
"name": "CVE-2017-8278",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8278"
},
{
"name": "CVE-2017-9725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9725"
},
{
"name": "CVE-2017-0791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0791"
},
{
"name": "CVE-2017-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0797"
},
{
"name": "CVE-2017-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0767"
},
{
"name": "CVE-2017-0775",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0775"
},
{
"name": "CVE-2017-0770",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0770"
},
{
"name": "CVE-2017-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0762"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-283",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-09-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 05 septembre 2017",
"url": "https://source.android.com/security/bulletin/2017-09-01"
}
]
}
GHSA-HF78-PCF7-HFG6
Vulnerability from github – Published: 2022-05-17 01:09 – Updated: 2022-05-17 01:09
VLAI?
Details
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Severity ?
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2017-6983"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-05-22T05:29:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.",
"id": "GHSA-hf78-pcf7-hfg6",
"modified": "2022-05-17T01:09:27Z",
"published": "2022-05-17T01:09:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6983"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207797"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207798"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038484"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CNVD-2017-08134
Vulnerability from cnvd - Published: 2017-06-04
VLAI Severity ?
Title
Apple macOS Sierra SQLite SQL查询内存破坏漏洞
Description
Apple macOS是一套运行于苹果Macintosh系列电脑上的操作系统。
Apple macOS Sierra SQLite SQL查询存在内存破坏漏洞,远程攻击者可以利用该漏洞提交特殊的WEB页,诱使用户解析,执行任意代码。
Severity
中
Patch Name
Apple macOS Sierra SQLite SQL查询内存破坏漏洞的补丁
Patch Description
Apple macOS是一套运行于苹果Macintosh系列电脑上的操作系统。
Apple macOS Sierra SQLite SQL查询存在内存破坏漏洞,远程攻击者可以利用该漏洞提交特殊的WEB页,诱使用户解析,执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: https://support.apple.com/en-us/HT207797
Reference
https://support.apple.com/en-us/HT207797
https://nvd.nist.gov/vuln/detail/CVE-2017-6983
Impacted products
| Name | ['Apple IOS <10.3.2', 'Apple macOS <10.12.5'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-6983"
}
},
"description": "Apple macOS\u662f\u4e00\u5957\u8fd0\u884c\u4e8e\u82f9\u679cMacintosh\u7cfb\u5217\u7535\u8111\u4e0a\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple macOS Sierra SQLite SQL\u67e5\u8be2\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684WEB\u9875\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"discovererName": "Chaitin Security Research Lab (@ChaitinTech)",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://support.apple.com/en-us/HT207797",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-08134",
"openTime": "2017-06-04",
"patchDescription": "Apple macOS\u662f\u4e00\u5957\u8fd0\u884c\u4e8e\u82f9\u679cMacintosh\u7cfb\u5217\u7535\u8111\u4e0a\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple macOS Sierra SQLite SQL\u67e5\u8be2\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684WEB\u9875\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apple macOS Sierra SQLite SQL\u67e5\u8be2\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Apple IOS \u003c10.3.2",
"Apple macOS \u003c10.12.5"
]
},
"referenceLink": "https://support.apple.com/en-us/HT207797\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-6983",
"serverity": "\u4e2d",
"submitTime": "2017-05-23",
"title": "Apple macOS Sierra SQLite SQL\u67e5\u8be2\u5185\u5b58\u7834\u574f\u6f0f\u6d1e"
}
GSD-2017-6983
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-6983",
"description": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.",
"id": "GSD-2017-6983"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-6983"
],
"details": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.",
"id": "GSD-2017-6983",
"modified": "2023-12-13T01:21:09.416291Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-6983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038484",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038484"
},
{
"name": "https://support.apple.com/HT207797",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207797"
},
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "https://support.apple.com/HT207798",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207798"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.12.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-6983"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT207798",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT207798"
},
{
"name": "https://support.apple.com/HT207797",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT207797"
},
{
"name": "1038484",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1038484"
},
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"tags": [],
"url": "https://source.android.com/security/bulletin/2017-09-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2017-09-09T01:29Z",
"publishedDate": "2017-05-22T05:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…